The Web Security Challenge: - Jigsaw Business Networks Ltd

abdomendebonairΑσφάλεια

2 Νοε 2013 (πριν από 3 χρόνια και 5 μήνες)

101 εμφανίσεις

© 2008 The Tolly Group
Document # 208326
The Web Security Challenge:
A Competitive Guide to Selecting
Secure Web Gateways
A white paper
commissioned by
Websense, Inc.
White Paper
December 2008WHITE PAPER: The Web Security Challenge: A Competitive Guide to Selecting Web Security Gateways
Table of Contents
_ÉÑçêÉ=ìëáåÖ=íÜáë=ÇçÅìãÉåí=óçì=ãìëí=~ÖêÉÉ=íç=íÜÉ=íÉêãë=çÑ=ìë~ÖÉK
qÜÉëÉ=íÉêãë=~êÉ=äáëíÉÇ=çå=íÜÉ=Ñáå~ä=é~ÖÉK
Executive Summary 4
Web 2.0 Effectiveness 7
Manageability and Scalability 9
Policy Interface 11
Reporting Capabilities 13
URL Filtering 15
Malware Filtering 16
Application Control 18
Data Loss Protection 20
Network Implementation 22
Integration with Other Solutions 24
Service and support 26
Test Methodology 28
Alexa 100,000 URL Filtering/Classification Test 28
«=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========OWHITE PAPER: The Web Security Challenge: A Competitive Guide to Selecting Web Security Gateways
Table of Contents
_ÉÑçêÉ=ìëáåÖ=íÜáë=ÇçÅìãÉåí=óçì=ãìëí=~ÖêÉÉ=íç=íÜÉ=íÉêãë=çÑ=ìë~ÖÉK
qÜÉëÉ=íÉêãë=~êÉ=äáëíÉÇ=çå=íÜÉ=Ñáå~ä=é~ÖÉK
“Long Tail” or Extended URL Classification Test 28
Phishing and/or Proxy Avoidance URL Detection Accuracy Test29
Binary Exploits and Compromises Detection Accuracy Test 29
Malware-infected URL Detection Accuracy Test 30
Web 2.0-Based Malicious URL Detection Accuracy Test 30
Criteria Evaluation by UI Inspection 31
Interaction with Competing Vendors 32
Appendix: Product List 33
«=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========PT H E
T H E
WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting
TOLLY
TOLLY
Secure Web Gateways
GROUP
GROUP
Executive Summary
The World Wide Web has changed dramatically in the past decade. The use of the
Web as an application platform, a communication medium, and a business tool,
combined with the migration of attackers onto the Web, demands new solutions to
help manage business and mitigate security threats. Enterprise IT managers
should carefully evaluate both the ease of management, as well as the effective-
ness, of gateway-based Web security solutions against a constantly evolving
threat landscape.
tÉÄëÉåëÉI=fåÅK=ÅçããáëëáçåÉÇ=qÜÉ=qçääó=dêçìé=íç=Éî~äì~íÉ=áíë=tÉÄ=pÉÅìJ
êáíó=d~íÉï~ó=~Ö~áåëí=çíÜÉê=~î~áä~ÄäÉ=Ö~íÉï~ó=ëÉÅìêáíó=éêçÇìÅíëK=qÜÉ=ÅçãJ
éÉíáåÖ=éêçÇìÅíë=íÉëíÉÇ=ïÉêÉW=_äìÉ=`ç~í=póëíÉãëÛ=mêçñópd=ONM=~åÇ=
mêçñó^s=RNM=~ééäá~åÅÉëI=`áëÅç=póëíÉãë=fåÅKÛë=fêçåmçêí=pSRM=tÉÄ=pÉÅìêáíó=
^ééäá~åÅÉI=qêÉåÇ=jáÅêçI=fåÅKÛë=fåíÉêpÅ~å=tÉÄ=pÉÅìêáíó=pìáíÉ=EftppFI=~åÇ=
pÉÅìêÉ=`çãéìíáåÖ=`çêéçê~íáçåÛë=pÉÅìêÉ=tÉÄ=EtÉÄï~ëÜÉêF=~ééäá~åÅÉK=
Note: All products under test shall be referenced by their manufacturer s
name hereafter in the document.
Websense Web Security Gateway combines powerful and
easy-to-manage software with the ability to mitigate
dynamic Web-based threats, exceeding other vendors
tested in meeting Gartner’s criteria* for buying Secure
Web Gateways.
GaáëÅä~áãÉêW
qÜÉ=d~êíåÉê=êÉéçêí= ^=_ìóÉêÛë=dìáÇÉ=íç=pÉÅìêÉ=tÉÄ=d~íÉï~óëÒ=Äó=mÉíÉê=cáêëíÄêççâ=~åÇ=
i~ïêÉåÅÉ=lê~åë=Ed~êíåÉê=o^p=`çêÉ=oÉëÉ~êÅÜ=kçíÉ=dMMNRVSSVX=NR=^ìÖìëí=OMMUF=ï~ë=
ìëÉÇ=çåäó=~ë=~=êÉèìáêÉãÉåíë=ÖìáÇÉ=áå=íÜáë=Éî~äì~íáçåK=eçïÉîÉêI=~åó=~åÇ=~ää=îÉåÇçê=~åÇ=
éêçÇìÅí=Åçãé~êáëçåë=~åÇ=Éî~äì~íáçåë=ïÉêÉ=ÇçåÉ=Äó=íÜÉ=qçääó=dêçìé=~åÇ=áå=åç=ï~ó=Çç=íÜÉó=
ÉñéêÉëë=íÜÉ=çéáåáçå=çÑ=d~êíåÉêK
^ää=ëí~íÉãÉåíë=áå=íÜáë=êÉéçêí=~ííêáÄìí~ÄäÉ=íç=d~êíåÉê=êÉéêÉëÉåí=tÉÄëÉåëÉI=fåÅKÛë=áåíÉêéêÉí~J
íáçå=çÑ=Ç~í~I=êÉëÉ~êÅÜ=çéáåáçå=çê=îáÉïéçáåíë=éìÄäáëÜÉÇ=~ë=é~êí=çÑ=~=ëóåÇáÅ~íÉÇ=ëìÄëÅêáéíáçå=
ëÉêîáÅÉ=Äó=d~êíåÉêI=fåÅKI=~åÇ=Ü~îÉ=åçí=ÄÉÉå=êÉîáÉïÉÇ=Äó=d~êíåÉêK=b~ÅÜ=d~êíåÉê=éìÄäáÅ~íáçå=
ëéÉ~âë=~ë=çÑ=áíë=çêáÖáå~ä=éìÄäáÅ~íáçå=Ç~íÉ=E~åÇ=åçí=~ë=çÑ=íÜÉ=Ç~íÉ=çÑ=íÜáë=êÉéçêíFK=qÜÉ=çéáåJ
áçåë=ÉñéêÉëëÉÇ=áå=d~êíåÉê=éìÄäáÅ~íáçåë=~êÉ=åçí=êÉéêÉëÉåí~íáçåë=çÑ=Ñ~ÅíI=~åÇ=~êÉ=ëìÄàÉÅí=íç=
ÅÜ~åÖÉ=ïáíÜçìí=åçíáÅÉK
fÑ=ÅäáÉåíë=ÇÉëáêÉ=d~êíåÉê=íç=îÉêáÑó=íÜ~í=èìçíÉë=~êÉ=~ÅÅìê~íÉ=~åÇ=Åçãéäó=ïáíÜ=d~êíåÉêÛë=`çéóJ
êáÖÜí=~åÇ=nìçíÉ=mçäáÅóI=d~êíåÉê=éêçîáÇÉë=~=ëÉêîáÅÉ=íÜ~í=îÉêáÑáÉë=èìçíÉ=~ÅÅìê~Åó=~åÇ=~ééêçJ
éêá~íÉåÉëëK=`äáÉåíë=ïáëÜáåÖ=íç=í~âÉ=~Çî~åí~ÖÉ=çÑ=íÜáë=ëÉêîáÅÉ=ëÜçìäÇ=Åçåí~Åí=d~êíåÉê=sÉåJ
Ççê=oÉä~íáçåë=~í=îÉåÇçêKêÉä~íáçåë]Ö~êíåÉêKÅçãK
«=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========QT H E
T H E
WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting
TOLLY
TOLLY
Secure Web Gateways
GROUP
GROUP
qçääó=dêçìé=ÉåÖáåÉÉêë=Éî~äì~íÉÇ=íÜÉ=éêçÇìÅíë=ìåÇÉê=íÉëí=Ä~ëÉÇ=
çå=~=ëÉí=çÑ=ÅêáíÉêá~=d~êíåÉê=áÇÉåíáÑáÉÇ=~ë=íÜÉ=ãçëíJ~Çî~åÅÉÇ=ÑÉ~J
tÉÄëÉåëÉI=
íìêÉë=íÜ~í=ÅçìäÇ=ÜÉäé=ïáíÜ=Åçãé~ê~íáîÉ=Éî~äì~íáçå=~åÇ=ëÉäÉÅíáçå=
fåÅK
çÑ=~=ëÉÅìêÉ=tÉÄ=Ö~íÉï~óK=qÉëíë=ïÉêÉ=ÅçåÇìÅíÉÇ=áå=lÅíçÄÉê=
pÉÅìêÉ=tÉÄ=
OMMUK
d~íÉï~ó
cêçã=~=ÜáÖÜJäÉîÉä=éÉêëéÉÅíáîÉI=íÜÉ=d~êíåÉê=ptd=ÄìóÉêÛë=ÖìáÇÉ=
`çãéÉíáíáîÉ=
ë~óë=íÜ~í=îÉåÇçêë=çÑ=roi=ÑáäíÉêáåÖI=éêçñó=ëÉêîÉêëI=~åÇ=~åíáJîáêìëL
bî~äì~íáçå=çÑ=tÉÄ=pÉÅìêáíó=
~åíáJëé~ã=ëçäìíáçåëI=~ää=~êÉ=~ééêç~ÅÜáåÖ=íÜÉ=ëÉÅìêÉ=tÉÄ=Ö~íÉJ
cÉ~íìêÉë
ï~ó=ã~êâÉí=Ñêçã=ÇáÑÑÉêÉåí=ÇáêÉÅíáçåëK=qÜÉ=qçääó=dêçìéÛë=Ü~åÇëJçå=
~å~äóëáë=çÑ=íÜÉëÉ=éêçÇìÅíë=îÉêáÑáÉë=íÜ~í=ïÜáäÉ=íÜÉ=ã~àçêáíó=çÑ=
éêçÇìÅíë=íÉëíÉÇ=ÉñÅÉä=áå=~=ÑÉï=~êÉ~ëI=çåäó=tÉÄëÉåëÉÛë=tÉÄ=pÉÅìJ
êáíó=d~íÉï~ó=ëÅçêÉÇ=ìåáÑçêãäó=ÜáÖÜ=~åÇ=ÇÉäáîÉêÉÇ=ÑÉ~íìêÉJêáÅÜ=Å~é~ÄáäáíáÉë=
~Åêçëë=~ää=åáåÉ=ÑìåÅíáçå~ä=~êÉ~ë=íÜ~í=ÉåÖáåÉÉêë=Éñ~ãáåÉÇK=
qçääó=dêçìé=ÉåÖáåÉÉêë=~ëëáÖåÉÇ=~=ëìÄàÉÅíáîÉ=ëÅçêÉ=íç=É~ÅÜ=çÑ=íÜÉ=åáåÉ=
éêçÇìÅí=ÅêáíÉêá~=Éî~äì~íÉÇ=~åÇ=í~ääáÉÇ=~=ÅçãéçëáíÉ=ëÅçêÉ=Ñçê=É~ÅÜ=éêçÇìÅíK=
táíÜ=~=ëÅçêÉ=çÑ=OMNI=tÉÄëÉåëÉ=pÉÅìêáíó=d~íÉï~ó=~äãçëí=ÇçìÄäÉÇ=íÜÉ=éçáåí=
íçí~ä=çÑ=áíë=åÉñí=åÉ~êÉëí=ÅçãéÉíáíçêK=EpÉÉ=cáÖìêÉ=NI=é~ÖÉ=RKF
jçêÉçîÉêI=áå=~ÇÇáíáçå=íç=ëí~åÇ~êÇ=roi=ÑáäíÉêáåÖ=~åÇ=íê~Çáíáçå~ä=ã~äï~êÉ=éêçJ
íÉÅíáçå=íÜ~í=áë=~î~áä~ÄäÉ=çå=~åó=ëÉÅìêÉ=tÉÄ=Ö~íÉï~óI=tÉÄëÉåëÉ=áë=íÜÉ=Ñáêëí=
îÉåÇçê=Éñ~ãáåÉÇ=Äó=qÜÉ=qçääó=dêçìé=ÉåÖáåÉÉêë=íç=çÑÑÉê=~=Ñìääó=áåíÉÖê~íÉÇ=
aim=çéíáçåI=~ääçïáåÖ=íÜÉ=Åçãé~åó=íç=çÑÑÉê=~=äÉîÉä=çÑ=Ç~í~=äçëë=éêçíÉÅíáçå=
ìåã~íÅÜÉÇ=å~íáîÉäó=Äó=êáî~ä=éêçÇìÅíë=íÉëíÉÇK=qÜÉ=pÉÅìêÉ=tÉÄ=d~íÉï~ó=ÇÉJ
äáîÉêë=~=ãçêÉ=ÑìåÅíáçå~ä=ã~å~ÖÉãÉåí=áåíÉêÑ~ÅÉI=ëÅ~ä~Äáäáíó=Å~é~ÄáäáíáÉëI=~åÇ=
êáÅÜÉê=êÉéçêíáåÖ=ÑìåÅíáçåë=íÜ~å=êáî~ä=éêçÇìÅíë=íÉëíÉÇK
q~âÉå=~ë=~=ïÜçäÉI=íÜÉ=ÅçãéçëáíÉ=ëÅçêÉë=Ñêçã=É~ÅÜ=çÑ=íÜÉ=Éî~äì~íÉÇ=ëÉäÉÅJ
íáçå=ÅêáíÉêá~=ëÜçï=íÜ~í=tÉÄëÉåëÉÛë=tÉÄ=pÉÅìêáíó=d~íÉï~ó=áë=íÜÉ=ãçëí=
ÑÉ~íìêÉJêáÅÜ=çÑ=íÜÉ=éêçÇìÅíë=íÉëíÉÇI=~äçåÖ=ïáíÜW
çÑÑÉêáåÖ=íÜÉ=ïáÇÉëí=ÅçîÉê~ÖÉ=~åÇ=íÜÉ=ÖêÉ~íÉëí=~ÅÅìê~Åó=áå=
Å~íÉÖçêáòáåÖ=Çóå~ãáÅ=ÅçåíÉåí=çå=tÉÄ=OKM=ëáíÉë
ÄäçÅâáåÖ=ãçêÉ=fåíÉêåÉíJÄ~ëÉÇ=íÜêÉ~íë=íÜ~å=~ää=çíÜÉê=éêçÇìÅíë=íÉëíÉÇ
éêçîáÇáåÖ=íÜÉ=É~ëáÉëí=íç=ìëÉ=áåíÉêÑ~ÅÉ=çÑ=íÜÉ=éêçÇìÅíë=íÉëíÉÇ
ÇÉäáîÉêáåÖ=ÖêÉ~íÉê=ÑäÉñáÄáäáíó=íÜ~å=~åó=çíÜÉê=ëçäìíáçåë=íÉëíÉÇ
«=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========RT H E
T H E
WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting
TOLLY
TOLLY
Secure Web Gateways
GROUP
GROUP
Composite Scores of Products Tested Across Evaluation Areas















All criteria listed were rated subjectively either by examining publicly available documentation from the
vendors; or by launching the management interface, configuring the desired behavior and observing the
results. The subjective usability, layout and overall effectiveness of each function by vendor has been
assigned a value ranging from 1 (least effective) to 4 (most effective) to indicate the Tolly engineers' im-
pression of each of the units tested. Detailed breakdown of scores in each area of evaluation can be
seen in Figures 4. through 12.
Figure 1
Source: The Tolly Group, November 2008
«=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========S












T H E
T H E
WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting
TOLLY
TOLLY
Secure Web Gateways
GROUP
GROUP
qÜáë=ïÜáíÉ=é~éÉê=ïáää=ÉñéäçêÉ=ÑáåÇáåÖë=Ñçê=É~ÅÜ=çÑ=íÜÉ=Éî~äì~íáçå=ÅêáíÉêá~=áå=
íÜÉ=é~ÖÉë=~åÇ=ÅÜ~êíë=íÜ~í=ÑçääçïK=
få=ÅçåÅäìëáçåI=tÉÄëÉåëÉ=tÉÄ=pÉÅìêáíó=d~íÉï~ó=ÅçãÄáåÉÇ=íÜÉ=ÄÉëí=çÑ=
ÄêÉÉÇ=íÉÅÜåçäçÖáÉë=íç=çÑÑÉê=~=éêçÇìÅí=íÜ~í=áë=É~ëáÉê=íç=ã~å~ÖÉI=ëÅ~äÉë=
ÄÉííÉêI=éêçîáÇÉë=ãçêÉ=Öê~åìä~ê=çéíáçåë=íç=Åçåíêçä=åÉíïçêâ=~ééäáÅ~íáçå=íê~ÑÑáÅ=
~åÇ=Öì~êÇë=~Ö~áåëí=íÜÉ=Çóå~ãáÅ~ääó=ÅÜ~åÖáåÖ=íÜêÉ~í=ä~åÇëÅ~éÉ=çÑ=tÉÄJ
Ä~ëÉÇ=~íí~ÅâëK
Web 2.0 Effectiveness
tÉÄ=OKM=ëáíÉë=~êÉ=ê~éáÇäó=ÖêçïáåÖ=íç=ÄÉ=ëçãÉ=çÑ=íÜÉ=ãçëí=îáëáíÉÇ=tÉÄ=ëáíÉë=
çå=íÜÉ=fåíÉêåÉíK=qÜÉ=~Äáäáíó=çÑ=ìëÉêë=íç=ÑêÉÉäó=ÅêÉ~íÉ=~åÇ=ìéäç~Ç=
ÅçåíÉåí=çåíç=tÉÄ=OKM=ëáíÉë=áë=áåÅêÉ~ëáåÖäó=~ííê~ÅíáîÉ=íç=~íí~ÅâÉêë=ïÜç
ìéäç~Ç=ã~äáÅáçìë=~åÇ=çÄàÉÅíáçå~ÄäÉ=ÅçåíÉåí=çåíç=êÉéìí~ÄäÉ=tÉÄ=OKM=ëáíÉë=
äáâÉ=_äçÖëéçí=EÜííéWLLÄäçÖëéçíKÅçãFI=tçêÇmêÉëë=EÜííéWLLïçêÇéêÉëëKçêÖFI=çê=
çåíç=äÉÖáíáã~íÉ=ëáíÉë=íÜ~í=Ü~îÉ=ÄÉÉå=ÅçãéêçãáëÉÇK=qÜÉ=~Äáäáíó=çÑ=~=tÉÄ=ëÉJ
Åìêáíó=Ö~íÉï~ó=íç=ÇÉíÉÅí=ã~äáÅáçìë=ÅçåíÉåí=~ÅÅìê~íÉäó=çå=Çóå~ãáÅ=tÉÄ=ëáíÉë=
äáâÉ=tÉÄ=OKM=êÉäáÉë=ÖêÉ~íäó=çå=êÉ~äJíáãÉ=~å~äóëáë=çÑ=ÅçåíÉåíI=~åÇ=åçí=àìëí=çå=
íÜÉ=êÉéìí~íáçå=çÑ=íÜÉ=tÉÄ=ëáíÉëK
qÉëíë=ìëáåÖ=VSR=äáîÉ=roië=Ñêçã=éçéìä~ê=tÉÄ=OKM=ëáíÉë=äáâÉ=ÄäçÖëéçíKÅçã=
~åÇ=ïçêÇéêÉëëKÅçã=íÜ~í=ïÉêÉ=ÜçëíáåÖ=ã~äáÅáçìë=çê=çÄàÉÅíáçå~ÄäÉ=ÅçåíÉåí=
êÉîÉ~äÉÇ=tÉÄëÉåëÉÛë=éçïÉêÑìä=êÉ~äJíáãÉ=ÅçåíÉåí=~å~äóëáë=Å~é~ÄáäáíóK=tÉÄJ
ëÉåëÉ=ÄäçÅâÉÇ=~äãçëí=VVB=çÑ=íÜÉ=ã~äáÅáçìë=roië=ïÜáäÉ=ÅçãéÉíáåÖ=éêçÇìÅíë=
ÄäçÅâÉÇ=ÄÉíïÉÉå=äÉëë=íÜ~å=OB=íç=~Äçìí=QMBK=EpÉÉ=cáÖìêÉ=OKF=
qÜáë=ÜìÖÉ=ëéêÉ~Ç=çÑ=êÉëìäíë=Ñêçã=éêçÇìÅíë=ìëáåÖ=tÉÄ=oÉéìí~íáçå=ëÉêîáÅÉë=
~åÇ=íê~Çáíáçå~ä=roi=Ç~í~Ä~ëÉë=ëÜçïë=íÜ~í=äÉÖ~Åó=ãÉíÜçÇë=çÑ=roi=ÑáäíÉêáåÖ=
~êÉ=åçí=éçïÉêÑìä=ÉåçìÖÜ=çå=íÜÉáê=çïåI=ìåäÉëë=áíÛë=~ìÖãÉåíÉÇ=Äó=ÉÑÑÉÅíáîÉ=
ìëÉ=çÑ=çíÜÉê=íÉÅÜåçäçÖáÉë=äáâÉ=çåJéêÉãáëÉëI=êÉ~äJíáãÉ=ÅçåíÉåí=~å~äóëáëI=ÜÉìJ
êáëíáÅëI=ÉíÅK
qÉëíë=~äëç=ëÜçïÉÇ=íÜ~í=tÉÄëÉåëÉ=Ü~Ç=íÜÉ=ïáÇÉëí=roi=ÅçîÉê~ÖÉ=çÑ=íÜÉ=
Úâåçïå=tÉÄÛ=çìí=çÑ=íÜÉ=éêçÇìÅíë=íÉëíÉÇI=~ë=ÉîáÇÉåÅÉÇ=Äó=íÜÉ=êÉëìäíë=Ñêçã=
íÜÉ=^äÉñ~=NMMIMMM=roi=Åä~ëëáÑáÅ~íáçå=íÉëíK=qÜáë=íÉëí=ëÜçïÉÇ=íÜ~í=íÜÉ=tÉÄJ
ëÉåëÉ=Åä~ëëáÑáÉÇ=VTKNB=çÑ=íÜÉ=íçé=NMMIMMM=ãçëí=îáëáíÉÇ=tÉÄ=ëáíÉë=çå=íÜÉ=
fåíÉêåÉí=E~ë=äáëíÉÇ=Äó=íÜÉ=^äÉñ~=NMMIMMM=roi=äáëíFI=ïÜáäÉ=ÅçãéÉíáåÖ=îÉåÇçêë=
Åä~ëëáÑáÉÇ=ÄÉíïÉÉå=VOB=íç=VQBK=EpÉÉ=cáÖìêÉ=PKF=
«=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========TT H E
T H E
WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting
TOLLY
TOLLY
Secure Web Gateways
GROUP
GROUP
Web 2.0 Detection Accuracy Effectiveness
98.9
NMM
TR
RM
40.2
OR
11.1 11
1.8
M
Websense BlueCoat Cisco Secure Trend
Computing Micro
Note: All URLs tested were sourced from the Websense ThreatSeeker network, within
six to 24 hours of the testing window.
Source: The Tolly Group, November 2008 Figure 2
qÉëíë=~äëç=ëÜçïÉÇ=tÉÄëÉåëÉÛë=ëìéÉêáçê=~Äáäáíó=íç=Åä~ëëáÑó=íÜÉ=Úìåâåçïå=
tÉÄÛ=EêÉÑÉêêÉÇ=íç=~ë=íÜÉ=ÚiçåÖ=q~áäÛ=çÑ=íÜÉ=fåíÉêåÉíF=íóéáÅ~ääó=ÅçåëáëíáåÖ=çÑ=
àìåâI=éÉêëçå~ä=çê=ëÅ~ã=tÉÄ=ëáíÉëI=çê=íÜÉ=ãáääáçåë=çÑ=åÉï=tÉÄ=ëáíÉë=ÅêÉ~íÉÇ=
ÉîÉêó=Ç~óK=mêçÇìÅíë=ëçäÉäó=êÉäóáåÖ=çå=tÉÄ=êÉéìí~íáçåJÄ~ëÉÇ=Åä~ëëáÑáÅ~íáçå=çê=
íê~Çáíáçå~ä=roi=Ç~í~Ä~ëÉë=Å~ååçí=~ÇÉèì~íÉäó=âÉÉé=ìé=ïáíÜ=íÜÉ=ÇÉã~åÇ=íç=
Åä~ëëáÑó=tÉÄ=ëáíÉë=áå=íÜÉ=içåÖ=q~áä=çÑ=íÜÉ=fåíÉêåÉíK=tÉÄëÉåëÉ=ÇÉãçåëíê~íÉÇ=
áíë=ëíêÉåÖíÜ=áå=êÉ~äJíáãÉ=Åä~ëëáÑáÅ~íáçå=çÑ=tÉÄ=ÅçåíÉåí=Äó=Å~íÉÖçêáòáåÖ=VVKVB=
çÑ=íÜÉ=NUIRUM=äáîÉ=roië=ëçìêÅÉÇ=Ñêçã=íÜÉ=içåÖ=q~áäK=få=Åçåíê~ëíI=íÜÉ=ÅçãJ
éÉíáåÖ=îÉåÇçêë=Åä~ëëáÑáÉÇ=ÄÉíïÉÉå=PSB=~åÇ=TMBK
få=íÉëíë=ÑçÅìëáåÖ=çå=ÇÉíÉÅíáåÖ=~åÇ=ÄäçÅâáåÖ=roië=äÉ~ÇáåÖ=íç=mÜáëÜáåÖ=~åÇLçê=
mêçñó=~îçáÇ~åÅÉ=tÉÄ=ëáíÉëI=tÉÄëÉåëÉ=çåÅÉ=~Ö~áå=ÇÉíÉÅíÉÇ=VUKPB=çÑ=íÜÉ=
OIPMO=äáîÉ=roiëI=ïÜáäÉ=íÜÉ=ÅçãéÉíáåÖ=îÉåÇçêë=ÇÉíÉÅíÉÇ=ÄÉíïÉÉå=TMB=~åÇ=
UUBK=páãáä~êäóI=áå=íÉëíë=ïáíÜ=PTV=roië=Åçåí~áåáåÖ=Äáå~êó=Éñéäçáíë=çê=ÅçãJ
éêçãáëÉ=ÅçÇÉI=tÉÄëÉåëÉ=ÄäçÅâÉÇ=VVB=çÑ=roiëI=îÉêëìë=çíÜÉê=îÉåÇçêë=ïÜç=
ÄäçÅâÉÇ=ÄÉíïÉÉå=RPB=íç=VNBK=^äëçI=çå=íÉëíë=ïáíÜ=USR=roië=ÜçëíáåÖ=j~äJ
«=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========U
Percent of detection accuracy (%)T H E
T H E
WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting
TOLLY
TOLLY
Secure Web Gateways
GROUP
GROUP
ï~êÉI=tÉÄëÉåëÉ=ÄäçÅâÉÇ=VUKQB=ïÜáäÉ=çíÜÉê=îÉåÇçêë=ÄäçÅâÉÇ=ÄÉíïÉÉå=SRB=
~åÇ=~êçìåÇ=VSBK=EpÉÉ=cáÖìêÉ=PKF
Web 2.0 Accuracy and Coverage Test Results
















Figure 3
Source: The Tolly Group, November 2008
Manageability and Scalability
oÉÇìÅÉÇ=~Çãáåáëíê~íáçå=çîÉêÜÉ~Ç=áë=çåÉ=çÑ=íÜÉ=íçé=ÅçåÅÉêåë=çÑ=ëÉÅìêáíó=
~Çãáåáëíê~íçêëK=qÜÉ=êÉéçêí=ÉãéÜ~ëáòÉë=íÜÉ=áãéçêí~åÅÉ=çÑ=~å=ÉÑÑÉÅíáîÉ=í~ëâJ
çêáÉåíÉÇ=Öê~éÜáÅ~ä=ìëÉê=áåíÉêÑ~ÅÉ=EdrfF=~åÇ=ÅçãéêÉÜÉåëáîÉ=ã~å~ÖÉãÉåí=
áåíÉêÑ~ÅÉ=íç=äçïÉê=íçí~ä=Åçëí=çÑ=çïåÉêëÜáéK
qçääó=dêçìé=Ü~åÇëJçå=íÉëíáåÖ=ëÜçïë=íÜ~í=tÉÄëÉåëÉ=êÉÅÉáîÉ=~=ã~ñáãìã=
ëÅçêÉ=çÑ= QÒ=Ñçê=ÑáîÉ=çÑ=íÜÉ=ÉáÖÜí=ã~å~ÖÉãÉåí=áåíÉêÑ~ÅÉ=ÅêáíÉêá~=êÉîáÉïÉÇ=Äó=
ÉåÖáåÉÉêëK=låäó=çåÉ=çíÜÉê=éêçÇìÅí=Ü~Ç=íïç= QëÒ=Ñçê=áíë=ã~å~ÖÉãÉåí=áåíÉêJ
Ñ~ÅÉK=lÑ=é~êíáÅìä~ê=åçíÉ=ï~ë=tÉÄëÉåëÉÛë=êÉ~äJíáãÉ=ÉîÉåí=Ç~ëÜÄç~êÇ=ïáíÜ=
~Åíáçå~ÄäÉ=~äÉêíë=ïÜáÅÜ=Éå~ÄäÉë=ê~éáÇ=ÉîÉåí=áÇÉåíáÑáÅ~íáçå=~åÇ=éêç~ÅíáîÉ=áåJ
«=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========V























T H E
T H E
WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting
TOLLY
TOLLY
Secure Web Gateways
GROUP
GROUP
ÅáÇÉåí=êÉëéçåëÉK=tÉÄëÉåëÉ=~äëç=ï~ë=Öê~ÇÉÇ=~= QÒ=Ñçê=áíë=Åìëíçãáò~ÄäÉ=
Ç~ëÜÄç~êÇ=îáÉïëK=tÉÄëÉåëÉ=~äëç=É~êåÉÇ= QëÒ=Ñçê=Öê~åìä~ê=êçäÉJÄ~ëÉÇ=
Management and Scalability Scoring















































Source: The Tolly Group, November 2008 Figure 4
«=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========NM










































T H E
T H E
WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting
TOLLY
TOLLY
Secure Web Gateways
GROUP
GROUP
~Çãáåáëíê~íáçåI=~ìíçã~íÉÇ=~äÉêíáåÖI=~Çî~åÅÉÇ=ÜÉäéI=ÅÉåíê~äáòÉÇ=ã~å~ÖÉJ
ãÉåí=çÑ=ãìäíáéäÉ=~ééäá~åÅÉë=~åÇ=å~íáîÉ=äç~Ç=Ä~ä~åÅáåÖL~ÅíáîÉ=ÅäìëíÉêáåÖK=få=
íçí~äI=áí=É~êåÉÇ=QM=éçáåíëI=îÉêëìë=PN=Ñçê=íÜÉ=åÉ~êÉëí=ÅçãéÉíáíçêK=EpÉÉ=cáÖìêÉ=
QKF=
Policy Interface
^åó=éçäáÅó=áåíÉêÑ~ÅÉë=ëÜçìäÇ=ÄÉ=É~ëó=íç=ìëÉI=áåíìáíáîÉ=Ñçê=åçåJíÉÅÜåáÅ~ä=éÉêJ
ëçååÉä=~åÇ=ìëÉêJÑêáÉåÇäóK=eÉêÉI=íççI=tÉÄëÉåëÉ=êÉÅÉáîÉ= QëÒ=Ñçê=Ñçìê=çÑ=íÜÉ=
ëÉîÉå=ÅêáíÉêá~=êÉîáÉïÉÇ=~åÇ=ï~ë=íÜÉ=çåäó=ëÉÅìêÉ=Ö~íÉï~ó=îÉåÇçê=íç=êÉÅÉáîÉ=
íÜÉ=ÜáÖÜÉëí=ã~êâ=éçëëáÄäÉ=Ñçê=éçäáÅó=áåíÉêÑ~ÅÉëK
tÉÄëÉåëÉ=êÉÅÉáîÉÇ=íÜÉ=ÜáÖÜ=Öê~ÇÉë=Ñçê=íÜÉ=~Äáäáíó=íç=çÑÑÉê=~=ëáåÖäÉ=é~ÖÉ=
îáÉï=çÑ=éçäáÅó=ëí~íÉãÉåíëI=êÉìë~ÄäÉ=éçäáÅó=çÄàÉÅíëI=íÜÉ=~Äáäáíó=íç=ãçÇáÑó=áåJ
ÜÉêáíÉÇ=éçäáÅáÉë=~åÇ=Ñçê=êÉéçêíáåÖ=Äó=éçäáÅó=íóéÉI=ïÜáÅÜ=áë=ÉëëÉåíá~ä=áå=ÇÉíÉêJ
ãáåáåÖ=Åçãéäá~åÅÉ=íç=~=éçäáÅóK=lîÉê~ääI=tÉÄëÉåëÉ=É~êåÉÇ=~=ëÅçêÉ=çÑ=OOI=
îÉêëìë=áíë=åÉñí=åÉ~êÉëí=êáî~ä=ïáíÜ=~=ëÅçêÉ=çÑ=NQK=EpÉÉ=cáÖìêÉ=RKF
«=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========NNT H E
T H E
WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting
TOLLY
TOLLY
Secure Web Gateways
GROUP
GROUP
Policy Interface Scoring



































Figure 5
Source: The Tolly Group, November 2008
«=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========NO




















T H E
T H E
WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting
TOLLY
TOLLY
Secure Web Gateways
GROUP
GROUP
Reporting Capabilities
oÉéçêíáåÖ=Å~é~ÄáäáíáÉë=Ü~îÉ=ÉãÉêÖÉÇ=~ë=~å=ÉëëÉåíá~ä=ÅçãéçåÉåí=çÑ=pÉÅìêÉ=
tÉÄ=Ö~íÉï~óë=ÄÉÅ~ìëÉ=íÜÉó=ÄêáÇÖÉ=íÜÉ=íÉÅÜåáÅ~ä=ïçêäÇ=ïáíÜ=íÜÉ=ÄìëáåÉëë=
ëáÇÉ=çÑ=íÜÉ=Åçãé~åóK=_ìëáåÉëë=ìëÉêë=ÇçåÛí=Ü~îÉ=íáãÉ=íç=ï~ÇÉ=íÜêçìÖÜ=ÖçÄë=
çÑ=íÉÅÜåáÅ~ä=Ç~í~I=Äìí=áåëíÉ~Ç=ï~åí=ëìãã~êó=áåÑç=Ü~êîÉëíÉÇ=~åÇ=éêÉëÉåíÉÇ=
áå=~å=É~ëó=íç=Ñçääçï=Ñçêã~íK=
tÉÄëÉåëÉ=êÉÅÉáîÉ=íÜÉ=ã~ñáãìã=ëÅçêÉ=çÑ= QÒ=áå=ÉáÖÜí=çÑ=åáåÉ=~î~áä~ÄäÉ=
Å~íÉÖçêáÉëI=ïÜáäÉ=êáî~ä=éêçÇìÅíë=ëÅçêÉÇ=~=N=çê=O=áå=ãçëí=Å~íÉÖçêáÉëK
tÉÄëÉåëÉ=É~êåÉÇ=~=ëÅçêÉ=çÑ=PRI=ïÜáäÉ=íÜÉ=åÉñí=ÅçãéÉíáåÖ=éêçÇìÅí=
êÉÅÉáîÉÇ=~=OOK=tÉÄëÉåëÉ=êÉÅÉáîÉÇ=ÜáÖÜ=Öê~ÇÉë=Ñçê=íÜÉ=äÉîÉä=çÑ=ÄìëáåÉëë=
çêáÉåíÉÇ=êÉéçêíë=çÑÑÉêÉÇI=íÜÉ=èìáÅâ=~ÅÅÉëë=íççäë=~î~áä~ÄäÉ=íç=ÖÉí=~í=Ç~í~K=^ÇJ
Çáíáçå~ääóI=êÉ~äJíáãÉ=êÉéçêíë=~åÇ=ÑçêÉåëáÅ=êÉéçêíë=~êÉ=~î~áä~ÄäÉ=EpÉÉ=cáÖìêÉ=
SKF
«=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========NPT H E
T H E
WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting
TOLLY
TOLLY
Secure Web Gateways
GROUP
GROUP
Reporting Scores









































Source: The Tolly Group, November 2008
Figure 6
«=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========NQ



































T H E
T H E
WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting
TOLLY
TOLLY
Secure Web Gateways
GROUP
GROUP
URL Filtering
qÜÉ=~Äáäáíó=íç=Åçåíêçä=~åÇ=ãçåáíçê=tÉÄ=ìë~ÖÉ=Äó=ÉãéäçóÉÉë=áë=ÄÉÅçãáåÖ=~=
åÉÅÉëëáíó=Ñçê=Åçãé~åáÉëK=qÜÉ=~Äáäáíó=íç=ÉåÑçêÅÉ=Åçêéçê~íÉ=éçäáÅó=åçí=àìëí=
ïÜáäÉ=íÜÉ=ÉãéäçóÉÉë=~êÉ=çå=éêÉãáëÉëI=Äìí=~äëç=ïÜáäÉ=çÑÑJéêÉãáëÉë=ÄÉÅçãÉë=
î~äì~ÄäÉ=~ë=ÉãéäçóÉÉë=~êÉ=ÄÉÅçãáåÖ=áåÅêÉ~ëáåÖäó=ãçÄáäÉK
tÉÄëÉåëÉ=çåÅÉ=~Ö~áå=çÑÑÉêÉÇ=éçïÉêÑìä=~åÇ=ÑäÉñáÄäÉ=íççäë=íç=Öê~åìä~êäó=ÅçåJ
íêçä=íÜÉ=tÉÄ=~ÅÅÉëë=çÑ=ìëÉêë=ÄçíÜ=çå=~åÇ=çÑÑ=íÜÉ=éêÉãáëÉëX=~åÇ=ëÅçêÉÇ=~=
ã~ñáãìã=éçëëáÄäÉ=NO=éçáåíë=~Åêçëë=íÜêÉÉ=~êÉ~ë=Éî~äì~íÉÇK=EpÉÉ=cáÖìêÉ=TKF=
qÜÉ=åÉñí=ÅäçëÉëí=ÅçãéÉíáíçê=éêçÇìÅí=ëÅçêÉÇ=~=V=ïáíÜ=íÜÉ=êÉëí=ëÅçêáåÖ=Q=É~ÅÜK
URL Filtering Feature Scoring


















Source: The Tolly Group, November 2008 Figure 7
«=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========NR















T H E
T H E
WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting
TOLLY
TOLLY
Secure Web Gateways
GROUP
GROUP
Malware Filtering
tÜáäÉ=roi=ÑáäíÉêáåÖ=áë=~=ëí~éäÉ=çÑ=~åó=ëÉÅìêÉ=tÉÄ=Ö~íÉï~óI=ã~äï~êÉ=ÑáäíÉêáåÖ=
áë=Ñ~ëí=Å~íÅÜáåÖ=çå=~ë=~=ÅêáíáÅ~ä=ÑìåÅíáçåK=sáêìë=ÇÉíÉÅíáçå=~åÇ=
êÉãçî~ä=áå=Ö~íÉï~óë=áë=ÅêáíáÅ~ä=~ë=ãçêÉ=ã~äï~êÉ=ãçîÉë=íç=~=tÉÄ=ÇáëíêáÄìJ
íáçå=ãÉíÜçÇ=~åÇ=ÉåÇéçáåí=éêçíÉÅíáçå=ëíêìÖÖäÉë=íç=âÉÉé=é~ÅÉ=ïáíÜ=íÜÉ=îçäìãÉ=
çÑ=íÜêÉ~íëK=
eÉêÉI=qÜÉ=qçääó=dêçìé=ÉåÖáåÉÉêë=ÅçåÇìÅíÉÇ=~=Ü~åÇëJçå=íÉëí=çÑ=ÅÉêí~áå=ÑÉ~J
íìêÉëI=ïÜáäÉ=~ëëáÖåáåÖ=ëìÄàÉÅíáîÉ=ëÅçêÉë=íç=íÜÉ=éêçÇìÅíëÛ=~êÅÜáíÉÅíìêÉ=~åÇ=
ÉîÉåí=~äÉêíë=Å~é~ÄáäáíáÉëK
tÉÄëÉåëÉ=~ÅÜáÉîÉÇ=~=VUKQB=ëÅçêÉ=Ñçê=ÇÉíÉÅíáçå=~ÅÅìê~Åó=çÑ=ã~äï~êÉ=Ñçê=
USR=ëáíÉë=ÜçëíáåÖ=ã~äáÅáçìë=ÑáäÉëK=líÜÉê=îÉåÇçêë=ê~åÖÉÇ=Ñêçã=SRB=íç=VSB=
ã~äï~êÉ=ÇÉíÉÅíáçå=~ÅÅìê~ÅóK=EpÉÉ=cáÖìêÉ=UKF
tÉÄëÉåëÉ=~äëç=ï~ë=ëìÅÅÉëëÑìä=~í=ÇÉíÉÅíáåÖ=~åÇ=~îçáÇáåÖ=éÜáëÜáåÖ=~åÇ=
éêçñó=ëáíÉë=VUKPB=çÑ=íÜÉ=íáãÉI=îÉêëìë=TMB=íç=UUB=Ñçê=çíÜÉê=éêçÇìÅíë=íÉëíÉÇK=
^åÇ=tÉÄëÉåëÉ=ï~ë=ëìÅÅÉëëÑìä=VVB=çÑ=íÜÉ=íáãÉ=~í=ÇÉíÉÅíáåÖ=~åÇ=~îçáÇáåÖ=
ëáíÉë=ïáíÜ=ã~äáÅáçìë=Éñéäçáíë=çê=ÇêáîÉJÄó=ÑáäÉ=áåëí~ääëK=líÜÉê=éêçÇìÅíë=ïÉêÉ=
ëìÅÅÉëëÑìä=çåäó=RQB=íç=VNB=çÑ=íÜÉ=íáãÉK
tÉÄëÉåëÉ=ï~ë=~äëç=íÜÉ=çåäó=îÉåÇçê=íç=êÉÅÉáîÉ=íÜÉ=ã~ñáãìã=ëÅçêÉ=çÑ= QÒ=
Ñçê=áíë=ëçäìíáçå=~êÅÜáíÉÅíìêÉ=ÇìÉ=íç=áíë=ÜóÄêáÇ=~êÅÜáíÉÅíìêÉK=qÜáë=áë=Ä~ëÉÇ=çå=
d~êíåÉêÛë=ÇáëÅìëëáçå=çÑ=íÜÉ=ÄÉåÉÑáíë=çÑ=~= ÜóÄêáÇÒ=~êÅÜáíÉÅíìêÉ=íÜ~í=ìíáäáòÉë=
éêçñó=íÉÅÜåçäçÖó=Ñçê=Öê~åìä~êáíó=~åÇ=ÇÉí~áäÉÇ=Åçåíêçä=ÅçìéäÉÇ=ïáíÜ=åÉíïçêâ=
ãçåáíçêáåÖ=Å~é~ÄáäáíáÉë=Ñçê=ëÅ~ä~Äáäáíó=~åÇ=Äêç~Ç=ÅçîÉê~ÖÉK
«=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========NST H E
T H E
WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting
TOLLY
TOLLY
Secure Web Gateways
GROUP
GROUP
Malware Detection Scores





































Source: The Tolly Group, November 2008 Figure 8
«=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========NT































T H E
T H E
WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting
TOLLY
TOLLY
Secure Web Gateways
GROUP
GROUP
Application Control
bãÄÉÇÇÉÇ=~ééäáÅ~íáçåJäÉîÉä=Åçåíêçäë=Éå~ÄäÉ=ëÉÅìêáíó=~Çãáåáëíê~íçêë=íç=ÖçîJ
Éêå=íÜÉ=~Ççéíáçå=~åÇ=ìë~ÖÉ=çÑ=tÉÄJÄ~ëÉÇ=~ééäáÅ~íáçåë=ëìÅÜ=~ë=fjI=pâóéÉI=
mOmI=~åÇ=ãçêÉK=qçääó=dêçìé=ÉåÖáåÉÉêë=~ï~êÇÉÇ=íÜÉ=ã~ñáãìã=ëÅçêÉ=çÑ= QÒ=
íç=íÜÉ=tÉÄëÉåëÉ=éêçÇìÅí=áå=Ñçìê=çÑ=íÜÉ=ÑáîÉ=^ééäáÅ~íáçå=`çåíêçä=Å~íÉÖçêáÉë=
Éñ~ãáåÉÇK=EpÉÉ=cáÖìêÉ=VKF=
tÉÄëÉåëÉ=É~êåÉÇ=NV=çìí=çÑ=~=éçëëáÄäÉ=OM=éçáåíëI=ïáíÜ=íÜÉ=åÉñíJåÉ~êÉëí=
ÅçãéÉíáíçê=ÅçãáåÖ=áå=ïáíÜ=~=ëÅçêÉ=çÑ=NNK=tÉÄëÉåëÉ=É~êåÉÇ=ÜáÖÜ=Öê~ÇÉë=Ñçê=
áíë=~Äáäáíó=íç=Å~íÉÖçêáòÉ=~ééäáÅ~íáçåëI=ïÜáÅÜ=É~ëÉë=íÜÉ=ÅêÉ~íáçå=~åÇ=~ÇãáåáJ
ëíê~íáçå=çÑ=éçäáÅáÉëK=fí=~äëç=É~êåÉÇ=~=ã~ñáãìã=ëÅçêÉ=Ñçê=éçäáÅó=ÉåÑçêÅÉãÉåí=
Äó=Å~íÉÖçêóI=ïÜáÅÜ=êÉÇìÅÉë=íÜÉ=ïçêâäç~Ç=~åÇ=íÜÉ=åìãÄÉê=çÑ=ÉêêçêëK=^åÇ=
tÉÄëÉåëÉ=É~êåÉÇ=~=ã~ñáãìã=ëÅçêÉ=Ñçê=Åä~ëëáÑóáåÖ=mOm=~ë=~=ÇáëíáåÅíäó=ÇáÑJ
ÑÉêÉåí=~ééäáÅ~íáçå=íÜ~å=çíÜÉêëI=ëáåÅÉ=áí=éçëÉë==ÖêÉ~íÉê=êáëâë=ÇìÉ=íç=ÑáäÉ=íê~åëJ
ÑÉêëK=
«=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========NUT H E
T H E
WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting
TOLLY
TOLLY
Secure Web Gateways
GROUP
GROUP
Application Control Scores


























Source: The Tolly Group, November 2008 Figure 9
«=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========NV




























T H E
T H E
WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting
TOLLY
TOLLY
Secure Web Gateways
GROUP
GROUP
Data Loss Protection
tÉÄëÉåëÉ=ëçäìíáçå=ï~ë=íÜÉ=çåäó=éêçÇìÅí=íÉëíÉÇ=íç=É~êå=~=ã~ñáãìã=ëÅçêÉ=áå=
ÉîÉêó=Å~íÉÖçêó=Ñçê=Ç~í~=äçëë=éêçíÉÅíáçåI=Ñçê=~=íçí~ä=çÑ=PO=éçáåíëK=qÜÉ=åÉñí=
åÉ~êÉëí=îÉåÇçê=É~êåÉÇ=NQ=éçáåíëK=EpÉÉ=cáÖìêÉ=NMKF
^ë=íÜÉ=tÉÄ=ÄÉÅçãÉë=ãçêÉ=áåíÉê~ÅíáîÉ=Äó=å~íìêÉI=çêÖ~åáò~íáçåë=~êÉ=ÅçåJ
ÅÉêåÉÇ=~Äçìí=íÜÉ=êáëâ=Ñçê=íÜÉ=äçëë=çÑ=ëÉåëáíáîÉ=Ç~í~K=pÉÅìêÉ=tÉÄ=Ö~íÉï~óë=
ÅçãÄ~í=íÜáë=Äó=çÑÑÉêáåÖ=íÜÉ=~Äáäáíó=íç=ÇÉíÉÅí=åçåJÅçãéäá~åÅÉ=íç=Åçêéçê~íÉ=
~åÇ=êÉÖìä~íçêó=éçäáÅáÉëK=táíÜ=Ñìää=áåíÉÖê~íáçå=ïáíÜ=íÜÉ=tÉÄëÉåëÉ=a~í~=pÉÅìJ
êáíó=pçäìíáçå=çÑÑÉêÉÇI=tÉÄëÉåëÉ=ï~ë=íÜÉ=çåäó=îÉåÇçê=íç=çÑÑÉê=~=éêÉÇÉíÉêJ
ãáåÉÇ=åìãÄÉê=çÑ=íÉãéä~íÉë=íç=Öì~êÇ=~Ö~áåëí=åçåJÅçãéäá~åÅÉI=Ñçê=íÜáåÖë=
ëìÅÜ=~ë=ÅêÉÇáí=Å~êÇë=çê=ëçÅá~ä=ëÉÅìêáíó=åìãÄÉêëK==tÉÄëÉåëÉ=~äëç=ï~ë=ÅáíÉÇ=
Ñçê=áíë=ëíêÉåÖíÜ=~í=ÇÉÉé=ÅçåíÉåí=áåëéÉÅíáçåI=ïÜÉêÉ=çíÜÉê=éêçÇìÅíë=Çç=åçí=
Ü~îÉ=íÜÉ=Å~é~Äáäáíó=çê=~êÉ=ïÉ~â=~í=áíK
e~åÇëJçå=Éñ~ãáå~íáçå=çÑ=íÜÉ=éêçÇìÅíë=ëÜçï=íÜ~í=ëçãÉ=çÑÑÉêáåÖëI=ëìÅÜ=~ë=
_äìÉ`ç~í=mêçñó=pdONM=~åÇ=qêÉåÇ=jáÅêç=fåíÉêëÅ~å=tÉÄ=pÉÅìêáíó=pìáíÉ=Çç=
åçí=çÑÑÉê=~åó=Ç~í~=äçëë=éêÉîÉåíáçå=Ñ~ÅáäáíáÉë=çê=áåíÉÖê~íáçå=çéíáçåëK
«=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========OMT H E
T H E
WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting
TOLLY
TOLLY
Secure Web Gateways
GROUP
GROUP
Data Loss Prevention Scores














































Source: The Tolly Group, November 2008
Figure 10
«=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========ON





























T H E
T H E
WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting
TOLLY
TOLLY
Secure Web Gateways
GROUP
GROUP
Network Implementation
tÉÄëÉåëÉ=ëÅçêÉÇ=NN=çìí=çÑ=~=éçëëáÄäÉ=OM=éçáåíëI=ÑçääçïáåÖ=pÉÅìêÉ=tÉÄ=
Ñêçã=pÉÅìêÉ=`çãéìíáåÖ=ïÜáÅÜ=ëÅçêÉÇ=NQI=~åÇ=fåíÉêpÅ~å=tÉÄ=pÉÅìêáíó=
pìáíÉ=Ñêçã=qêÉåÇ=jáÅêç=ïÜáÅÜ=ëÅçêÉÇ=NOK=EpÉÉ=cáÖìêÉ=NNKF
qçÇ~óÛë=çêÖ~åáò~íáçåë=êÉèìáêÉ=~=ÑäÉñáÄäÉ=ëçäìíáçå=íÜ~í=Å~å=áåíÉÖê~íÉ=ïáíÜ=íÜÉ=
ïáÇÉ=ê~åÖÉ=çÑ=åÉíïçêâ=íçéçäçÖáÉë=ÅìêêÉåíäó=áå=ìëÉK=tÉÄëÉåëÉ=çÑÑÉêë=ÄçíÜ=
çåJéêÉãáëÉë=~åÇ=Ñìääó=ÜçëíÉÇ=tÉÄ=ëÉÅìêáíó=çéíáçåë=éêçîáÇáåÖ=ÅìëíçãÉê=ïáíÜ=
ãçêÉ=ÅÜçáÅÉë=ïÜÉå=ÇÉëáÖåáåÖ=~=ÇáëíêáÄìíÉÇ=ëçäìíáçåK=pìééçêí=Ñçê=~=Äêç~Ç=
ê~åÖÉ=çÑ=Ü~êÇï~êÉ=~åÇ=ëçÑíï~êÉ=éä~íÑçêãë=Éå~ÄäÉë=É~ëó=áåíÉÖê~íáçå=áåíç=
ãçëí=ÅìëíçãÉê=åÉíïçêâëK=e~êÇï~êÉ=~ééäá~åÅÉë=~êÉ=çÑíÉå=ìëÉÇ=Ñçê=ëã~ääÉê=
áåëí~ää~íáçåë=íÜ~í=ä~Åâ=ÉñéÉêáÉåÅÉÇ=áãéäÉãÉåí~íáçå=ëí~ÑÑI=Äìí=~êÉ=äÉëë=çÑíÉå=
ìëÉÇ=áå=ÉåíÉêéêáëÉ=åÉíïçêâë=Ä~ëÉÇ=çå=íÜÉ=ÜáÖÜÉê=ÅçëíëK
«=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========OOT H E
T H E
WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting
TOLLY
TOLLY
Secure Web Gateways
GROUP
GROUP
Delivery and Network Implementation Feature Scores





































Source: The Tolly Group, November 2008 Figure 11
«=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========OP
























T H E
T H E
WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting
TOLLY
TOLLY
Secure Web Gateways
GROUP
GROUP
Integration with Other Solutions
fåíÉÖê~íáçå=ïáíÜ=çíÜÉê=éêçÇìÅíëI=ëìÅÜ=~ë=äç~Ç=Ä~ä~åÅÉêëI=éêçñáÉëI=bJã~áä=~åÇ=
çíÜÉê=ëçäìíáçå=ã~ó=åçí=ÄÉ=ÅêáíáÅ~äI=Äìí=ã~ó=óáÉäÇ=ëìÑÑáÅáÉåí=ÄÉåÉÑáíë=íç=ï~êê~åí=
íÜÉ=áåíÉÖê~íáçåK=tÜáäÉ=ãçëí=éêçÇìÅíë=íÉëíÉÇ=É~êåÉÇ=éççê=ëÅçêÉë=Ñçê=áåíÉÖê~J
íáçåI=tÉÄëÉåëÉ=ÉñÅÉääÉÇ=áå=íÜÉ=~êÉ~=çÑ=ÑáêÉï~ääëI=~êÅÜáîáåÖ=~åÇ=aim=ëóëJ
íÉãëK=EpÉÉ=cáÖìêÉ=NOKF
«=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========OQT H E
T H E
WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting
TOLLY
TOLLY
Secure Web Gateways
GROUP
GROUP
Integration Scores











































Source: The Tolly Group, November 2008 Figure 12
«=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========OR





































T H E
T H E
WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting
TOLLY
TOLLY
Secure Web Gateways
GROUP
GROUP
Service and support
pÉêîáÅÉ=~åÇ=ëìééçêí=çéíáçåë=~êÉ=~å=áãéçêí~åí=Ñ~Åíçê=íç=ÅçåëáÇÉê=ïÜÉå=ëÉJ
äÉÅíáåÖ=~=ëçäìíáçåK=qÜÉ=èì~äáíó=çÑ=ëÉêîáÅÉ=çÑÑÉêáåÖë=Å~å=î~êó=ïáÇÉäó=~ãçåÖ=
îÉåÇçêëK=_~ëÉÇ=çå=íÜÉ=ëÅçéÉ=çÑ=íÜáë=êÉéçêíI=íÉëíáåÖ=çÑ=íÜÉ=ëÉêîáÅÉ=çéíáçåë=
çÑÑÉêÉÇ=Äó=íÜÉ=îÉåÇçêë=ï~ë=åçí=éÉêÑçêãÉÇI=ëç=~=èì~äáí~íáîÉ=ê~íáåÖ=çÑ=íÜÉ=
îÉåÇçê=ëÉêîáÅÉë=Ü~ë=åçí=ÄÉÉå=éêçîáÇÉÇK=qÜÉ=çÑÑÉêáåÖë=Ñêçã=É~ÅÜ=îÉåÇçê=
Ü~îÉ=ÄÉÉå=ÉåìãÉê~íÉÇ=íç=áåÇáÅ~íÉ=áÑ=íÜÉó=éêçîáÇÉ=íÜÉ=íóéÉë=çÑ=ëìééçêí=çéJ
íáçåë=áåÇáÅ~íÉÇI=ëç=~=ÜáÖÜÉê=ëÅçêÉ=áåÇáÅ~íÉë=~=Äêç~ÇÉê=ê~åÖÉ=çÑ=çÑÑÉêáåÖëI=Äìí=
åçí=åÉÅÉëë~êáäó=~=ëìéÉêáçê=çÑÑÉêáåÖK=EpÉÉ=cáÖìêÉ=NPKF
«=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========OST H E
T H E
WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting
TOLLY
TOLLY
Secure Web Gateways
GROUP
GROUP
Service and Support Scores


































Source: The Tolly Group, November 2008 Figure 13
«=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========OT

























T H E
T H E
WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting
TOLLY
TOLLY
Secure Web Gateways
GROUP
GROUP
Test Methodology
Alexa 100,000 URL Filtering/
Classification Test
qÜÉ=Ä~ëáÅ=roi=ÑáäíÉêáåÖ=Å~é~ÄáäáíáÉë=çÑ=É~ÅÜ=ëóëíÉã=ï~ë=íÉëíÉÇ=Äó=ëÅêáéíáåÖ=
ëí~åÇ~êÇ=ïçêâëí~íáçåë=íç=~ÅÅÉëë=~=ë~ãéäÉ=ëÉí=çÑ=NMMIMMM=roië=Ñêçã=íÜÉ=
^äÉñ~=qçé=NMMIMMM=ãçëí=îáëáíÉÇ=tÉÄ=ëáíÉë=íÜêçìÖÜ=íÜÉ=éêçÇìÅí=ìåÇÉê=íÉëíK=
^ää=~î~áä~ÄäÉ=roi=Å~íÉÖçêáÉë=çÑ=Åä~ëëáÑáÅ~íáçå=çå=~=éêçÇìÅí=ïÉêÉ=Éå~ÄäÉÇ=
~åÇ=ÅçåÑáÖìêÉÇ=íç=ÄäçÅâ=~ÅÅÉëë=íç=~åó=roi=ã~íÅÜáåÖ=çåÉ=çÑ=íÜÉ=ÇÉÑáåÉÇ=ÑáäJ
íÉêáåÖ=Å~íÉÖçêáÉëK=fÑ=~=roi=ï~ë=Åä~ëëáÑáÉÇ=ìåÇÉê=~åó=Å~íÉÖçêó=~î~áä~ÄäÉ=çå=
íÜÉ=éêçÇìÅíI=íÜÉ=roi=ï~ë=ÄäçÅâÉÇK=fÑ=íÜÉ=roi=ÅçìäÇ=åçí=ÄÉ=Åä~ëëáÑáÉÇ=ìåÇÉê=
~åó=~î~áä~ÄäÉ=Å~íÉÖçêóI=íÜÉ=éêçÇìÅí=ìåÇÉê=íÉëí=ï~ë=ÅçåÑáÖìêÉÇ=íç=ÖÉåÉê~íÉ=
~å=~äÉêíK=qÜÉ=äçÖë=çÑ=É~ÅÜ=ÇÉîáÅÉ=ïÉêÉ=íÜÉå=ÅçêêÉä~íÉÇ=ïáíÜ=íÜÉ=ë~ãéäÉ=ëÉí=
íç=~êêáîÉ=~í=íÜÉ=ÇÉîáÅÉÛë=ëÅçêÉK=^ë=äçåÖ=~ë=~=roi=ï~ë=Åä~ëëáÑáÉÇ=ìåÇÉê=~å=
ÉñáëíáåÖ=Å~íÉÖçêó=çÑ=Åä~ëëáÑáÅ~íáçå=çå=íÜÉ=éêçÇìÅíI=íÜÉ=êÉëìäí=ï~ë=ÅçåëáÇÉêÉÇ=
î~äáÇK=qÜÉ=êÉëìäíáåÖ=ëÅçêÉ=Ü~ë=ÄÉÉå=êÉÅçêÇÉÇ=~ë=íÜÉ=éÉêÅÉåí~ÖÉ=çÑ=roië=
ëìÅÅÉëëÑìääó=Å~íÉÖçêáòÉÇ=çê=ÑáäíÉêÉÇ=~Ö~áåëí=íÜÉ=ë~ãéäÉ=ëÉíK=qÉëíë=ïÉêÉ=êÉJ
éÉ~íÉÇ=íïáÅÉ=íç=ÉåëìêÉ=êÉéÉ~í~Äáäáíó=~åÇ=íÜÉ=êÉëìäíë=~îÉê~ÖÉÇK=
“Long Tail” or Extended URL
Classification Test
cçê=íÜáë=íÉëíI=ÉåÖáåÉÉêë=ìëÉÇ=~=ëÉí=çÑ=NUIRUM=roië=çÄí~áåÉÇ=Ñêçã=íÜÉ=tÉÄJ
ëÉåëÉ=qÜêÉ~ípÉÉâÉê=åÉíïçêâK=qÜÉ=roië=ïÉêÉ=ÅÜçëÉå=Ñêçã=~=éççä=çÑ=roië=
ëìÄãáííÉÇ=íç=íÜÉ=qÜêÉ~ípÉÉâÉê=åÉíïçêâ=Ñçê=Åä~ëëáÑáÅ~íáçå=Äó=ÉåÇJìëÉêë=
~êçìåÇ=íÜÉ=ïçêäÇK=qÜÉ=roië=ïÉêÉ=ÅçääÉÅíÉÇ=Ñêçã=íÜÉ=éççä=ïáíÜáå=ëáñ=íç=OQ=
Üçìêë=çÑ=íÜÉ=íÉëíáåÖ=ïáåÇçïI=íç=ÉåëìêÉ=íÜ~í=íÜÉ=roië=íÉëíÉÇ=ïçìäÇ=ÄÉ=äáîÉ=
çå=íÜÉ=fåíÉêåÉíK=låÅÉ=~Ö~áåI=ÉåÖáåÉÉêë=Éå~ÄäÉÇ=~ää=~î~áä~ÄäÉ=roi=Åä~ëëáÑáÅ~J
íáçå=Å~íÉÖçêáÉë=~î~áä~ÄäÉ=çå=éêçÇìÅíë=ìåÇÉê=íÉëíI=~åÇ=îÉêáÑáÉÇ=íÜÉ=äçÖë=çÑ=
É~ÅÜ=ÇÉîáÅÉ=íç=çÄí~áå=íÜÉ=åìãÄÉê=çÑ=Åä~ëëáÑáÉÇ=~åÇ=åìãÄÉê=çÑ=ãáëëÉÇ=roiëK===
fÑ=~=roi=ï~ë=Åä~ëëáÑáÉÇ=ìåÇÉê=çåÉ=çÑ=íÜÉ=Éå~ÄäÉÇ=Å~íÉÖçêáÉë=çå=íÜÉ=éêçÇìÅíI=
íÜÉ=roi=ï~ë=ÄäçÅâÉÇK=fÑ=íÜÉ=roi=ÅçìäÇ=åçí=ÄÉ=Åä~ëëáÑáÉÇ=ìåÇÉê=~åó=Éå~ÄäÉÇ=
Å~íÉÖçêóI=íÜÉ=éêçÇìÅí=ìåÇÉê=íÉëí=ï~ë=ÅçåÑáÖìêÉÇ=íç=ÖÉåÉê~íÉ=~å=~äÉêíK=båÖáJ
åÉÉêë=íÜÉå=Å~äÅìä~íÉÇ=íÜÉ=ÇÉíÉÅíáçå=~ÅÅìê~Åó=çÑ=íÜÉ=éêçÇìÅí=~ë=íÜÉ=ê~íáç=çÑ=
~ää=roië=ëìÅÅÉëëÑìääó=Åä~ëëáÑáÉÇ=çìí=çÑ=íÜÉ=íçí~ä=roië=íêáÉÇK=qÜÉ=êÉëìäíáåÖ=
«=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========OUT H E
T H E
WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting
TOLLY
TOLLY
Secure Web Gateways
GROUP
GROUP
ëÅçêÉ=Ü~ë=ÄÉÉå=êÉÅçêÇÉÇ=~ë=íÜÉ=éÉêÅÉåí~ÖÉ=ëìÅÅÉëëÑìääó=Å~íÉÖçêáòÉÇ=çê=ÑáäJ
íÉêÉÇ=~Ö~áåëí=íÜÉ=ë~ãéäÉ=ëÉíK=qÉëíë=ïÉêÉ=êÉéÉ~íÉÇ=íïáÅÉ=íç=ÉåëìêÉ=êÉéÉ~íJ
~Äáäáíó=~åÇ=íÜÉ=êÉëìäíë=~îÉê~ÖÉÇK
Phishing and/or Proxy Avoidance URL
Detection Accuracy Test
cçê=íÜáë=íÉëíI=ÉåÖáåÉÉêë=ìëÉÇ=~=ëÉí=çÑ=OIPMO=roië=çÄí~áåÉÇ=Ñêçã=íÜÉ=tÉÄJ
ëÉåëÉ=qÜêÉ~ípÉÉâÉê=åÉíïçêâK=qÜÉ=roië=ïÉêÉ=ÅÜçëÉå=Ñêçã=~=éççä=çÑ=roië=
ÇÉíÉÅíÉÇ=Äó=íÜÉ=qÜêÉ~ípÉÉâÉê=åÉíïçêâ=~êçìåÇ=íÜÉ=ïçêäÇ=~ë=roië=çÑ=tÉÄ=
ëáíÉë=Åçåí~áåáåÖ=mÜáëÜáåÖ=Éñéäçáíë=çê=Ñ~Åáäáí~íÉÇ=mêçñó=^îçáÇ~åÅÉK=
qÜÉ=roië=ïÉêÉ=ÅçääÉÅíÉÇ=Ñêçã=íÜÉ=éççä=ïáíÜáå=ëáñ=Üçìêë=çÑ=íÜÉ=íÉëíáåÖ=ïáåJ
ÇçïI=íç=ÉåëìêÉ=íÜ~í=íÜÉ=roië=íÉëíÉÇ=ïçìäÇ=ÄÉ=äáîÉ=çå=íÜÉ=fåíÉêåÉíK=låÅÉ=
~Ö~áåI=ÉåÖáåÉÉêë=Éå~ÄäÉÇ=~ää=roi=Åä~ëëáÑáÅ~íáçå=Å~íÉÖçêáÉë=êÉä~íÉÇ=íç=mÜáëÜJ
áåÖ=~åÇ=mêçñó=^îçáÇ~åÅÉ=Å~íÉÖçêáÉë=~î~áä~ÄäÉ=çå=éêçÇìÅíë=ìåÇÉê=íÉëíI=~åÇ=
îÉêáÑáÉÇ=íÜÉ=äçÖë=çÑ=É~ÅÜ=ÇÉîáÅÉ=íç=çÄí~áå=íÜÉ=åìãÄÉê=çÑ=Åä~ëëáÑáÉÇ=~åÇ=åìãJ
ÄÉê=çÑ=ãáëëÉÇ=roiëK=fÑ=~=roi=ï~ë=Åä~ëëáÑáÉÇ=ìåÇÉê=çåÉ=çÑ=íÜÉ=Å~íÉÖçêáÉë=
Éå~ÄäÉÇ=çå=íÜÉ=éêçÇìÅíI=íÜÉ=roi=ï~ë=ÄäçÅâÉÇK=fÑ=íÜÉ=roi=ÅçìäÇ=åçí=ÄÉ=
Åä~ëëáÑáÉÇ=ìåÇÉê=~åó=Éå~ÄäÉÇ=Å~íÉÖçêóI=íÜÉ=éêçÇìÅí=ìåÇÉê=íÉëí=ï~ë=ÅçåÑáÖJ
ìêÉÇ=íç=ÖÉåÉê~íÉ=~å=~äÉêíK=båÖáåÉÉêë=íÜÉå=Å~äÅìä~íÉÇ=íÜÉ=ÇÉíÉÅíáçå=~ÅÅìê~Åó=
~ë=íÜÉ=éÉêÅÉåí~ÖÉ=çÑ=roië=ëìÅÅÉëëÑìääó=Å~íÉÖçêáòÉÇ=çê=ÑáäíÉêÉÇ=çìí=çÑ=íÜÉ=
ë~ãéäÉ=ëÉíK=qÉëíë=ïÉêÉ=êÉéÉ~íÉÇ=íïáÅÉ=íç=ÉåëìêÉ=êÉéÉ~í~Äáäáíó=~åÇ=íÜÉ=êÉJ
ëìäíë=~îÉê~ÖÉÇK
Binary Exploits and Compromises
Detection Accuracy Test
cçê=íÜáë=íÉëíI=ÉåÖáåÉÉêë=ìëÉÇ=~=ëÉí=çÑ=PTV=roië=çÄí~áåÉÇ=Ñêçã=íÜÉ=tÉÄJ
ëÉåëÉ=qÜêÉ~ípÉÉâÉê=åÉíïçêâK=qÜÉ=roië=ïÉêÉ=ÅÜçëÉå=Ñêçã=~=éççä=çÑ=roië=
ÇÉíÉÅíÉÇ=Äó=íÜÉ=qÜêÉ~ípÉÉâÉê=åÉíïçêâ=~êçìåÇ=íÜÉ=ïçêäÇ=~ë=roië=çÑ=tÉÄ=
ëáíÉë=Åçåí~áåáåÖ=_áå~êó=Éñéäçáíë=çê=ÅçãéêçãáëÉëK=
qÜÉ=roië=ïÉêÉ=ÅçääÉÅíÉÇ=Ñêçã=íÜÉ=éççä=ïáíÜáå=ëáñ=Üçìêë=çÑ=íÜÉ=íÉëíáåÖ=ïáåJ
ÇçïI=íç=ÉåëìêÉ=íÜ~í=íÜÉ=roië=íÉëíÉÇ=ïçìäÇ=ÄÉ=äáîÉ=çå=íÜÉ=fåíÉêåÉíK=låÅÉ=
~Ö~áåI=ÉåÖáåÉÉêë=Éå~ÄäÉÇ=~ää=roi=Åä~ëëáÑáÅ~íáçå=Å~íÉÖçêáÉë=êÉä~íÉÇ=íç=_áå~êó=
Éñéäçáíë=~åÇ=ÅçãéêçãáëÉë=Å~íÉÖçêáÉë=~î~áä~ÄäÉ=çå=éêçÇìÅíë=ìåÇÉê=íÉëíK=fÑ=~=
roi=ï~ë=Åä~ëëáÑáÉÇ=ìåÇÉê=çåÉ=çÑ=íÜÉ=Å~íÉÖçêáÉë=Éå~ÄäÉÇ=çå=íÜÉ=éêçÇìÅíI=íÜÉ=
«=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========OVT H E
T H E
WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting
TOLLY
TOLLY
Secure Web Gateways
GROUP
GROUP
roi=ï~ë=ÄäçÅâÉÇK=fÑ=íÜÉ=roi=ÅçìäÇ=åçí=ÄÉ=Åä~ëëáÑáÉÇ=ìåÇÉê=~åó=Éå~ÄäÉÇ=
Å~íÉÖçêóI=íÜÉ=éêçÇìÅí=ìåÇÉê=íÉëí=ï~ë=ÅçåÑáÖìêÉÇ=íç=ÖÉåÉê~íÉ=~å=~äÉêíK=båÖáJ
åÉÉêë=íÜÉå=Å~äÅìä~íÉÇ=íÜÉ=ÇÉíÉÅíáçå=~ÅÅìê~Åó=çÑ=íÜÉ=éêçÇìÅí=~ë=íÜÉ=éÉêÅÉåíJ
~ÖÉ=ëìÅÅÉëëÑìääó=Å~íÉÖçêáòÉÇ=çê=ÑáäíÉêÉÇ=çìí=çÑ=íÜÉ=ë~ãéäÉ=ëÉíK=qÉëíë=ïÉêÉ=
êÉéÉ~íÉÇ=íïáÅÉ=íç=ÉåëìêÉ=êÉéÉ~í~Äáäáíó=~åÇ=íÜÉ=êÉëìäíë=~îÉê~ÖÉÇK=
Malware-infected URL Detection
Accuracy Test
cçê=íÜáë=íÉëíI=ÉåÖáåÉÉêë=ìëÉÇ=~=ëÉí=çÑ=USR=roië=çÄí~áåÉÇ=Ñêçã=íÜÉ=tÉÄJ
ëÉåëÉ=qÜêÉ~ípÉÉâÉê=åÉíïçêâK=qÜÉ=roië=ïÉêÉ=ÅÜçëÉå=Ñêçã=~=éççä=çÑ=roië=
ÇÉíÉÅíÉÇ=Äó=íÜÉ=qÜêÉ~ípÉÉâÉê=åÉíïçêâ=~êçìåÇ=íÜÉ=ïçêäÇ=~ë=roië=çÑ=tÉÄ=
ëáíÉë=Åçåí~áåáåÖ=ã~äï~êÉ=Eã~äáÅáçìë=ÅçÇÉ=çê=~ééäáÅ~íáçåëFK=
qÜÉ=roië=ïÉêÉ=ÅçääÉÅíÉÇ=Ñêçã=íÜÉ=éççä=ïáíÜáå=ëáñ=Üçìêë=çÑ=íÜÉ=íÉëíáåÖ=ïáåJ
ÇçïI=íç=ÉåëìêÉ=íÜ~í=íÜÉ=roië=íÉëíÉÇ=ïçìäÇ=ÄÉ=äáîÉ=çå=íÜÉ=fåíÉêåÉíK=låÅÉ=
~Ö~áåI=ÉåÖáåÉÉêë=Éå~ÄäÉÇ=~ää=roi=Åä~ëëáÑáÅ~íáçå=Å~íÉÖçêáÉë=êÉä~íÉÇ=íç=ã~äJ
ï~êÉ=_áå~êó=Éñéäçáíë=~åÇ=ÅçãéêçãáëÉë=Å~íÉÖçêáÉë=~î~áä~ÄäÉ=çå=éêçÇìÅíë=
ìåÇÉê=íÉëíK=fÑ=~=roi=ï~ë=Åä~ëëáÑáÉÇ=ìåÇÉê=çåÉ=çÑ=íÜÉ=Å~íÉÖçêáÉë=Éå~ÄäÉÇ=çå=
íÜÉ=éêçÇìÅíI=íÜÉ=roi=ï~ë=ÄäçÅâÉÇK=fÑ=íÜÉ=roi=ÅçìäÇ=åçí=ÄÉ=Åä~ëëáÑáÉÇ=ìåÇÉê=
~åó=Éå~ÄäÉÇ=Å~íÉÖçêóI=íÜÉ=éêçÇìÅí=ìåÇÉê=íÉëí=ï~ë=ÅçåÑáÖìêÉÇ=íç=ÖÉåÉê~íÉ=
~å=~äÉêíK=båÖáåÉÉêë=íÜÉå=Å~äÅìä~íÉÇ=íÜÉ=ÇÉíÉÅíáçå=~ÅÅìê~Åó=çÑ=íÜÉ=éêçÇìÅí=~ë=
íÜÉ=éÉêÅÉåí~ÖÉ=ëìÅÅÉëëÑìääó=Å~íÉÖçêáòÉÇ=çê=ÑáäíÉêÉÇ=çìí=çÑ=íÜÉ=ë~ãéäÉ=ëÉíK=
qÉëíë=ïÉêÉ=êÉéÉ~íÉÇ=íïáÅÉ=íç=ÉåëìêÉ=êÉéÉ~í~Äáäáíó=~åÇ=íÜÉ=êÉëìäíë=~îÉê~ÖÉÇK=
Web 2.0-Based Malicious URL Detection
Accuracy Test
cçê=íÜáë=íÉëíI=ÉåÖáåÉÉêë=ìëÉÇ=~=ëÉí=çÑ=VSR=roië=çå=éçéìä~ê=tÉÄ=OKM=ëáíÉë=
äáâÉ=ÄäçÖëéçíKÅçã=~åÇ=ïçêÇéêÉëëKçêÖ=Åçåí~áåáåÖ=ã~äáÅáçìë=ÅçÇÉI=çê=çÄàÉÅJ
íáçå~ÄäÉ=ã~íÉêá~äI=çÄí~áåÉÇ=Ñêçã=íÜÉ=tÉÄëÉåëÉ=qÜêÉ~ípÉÉâÉê=åÉíïçêâK=qÜÉ=
roië=ïÉêÉ=ÅÜçëÉå=Ñêçã=~=éççä=çÑ=roië=ÇÉíÉÅíÉÇ=Äó=íÜÉ=qÜêÉ~ípÉÉâÉê=åÉíJ
ïçêâ=íç=ÄÉ=Åçåí~áåáåÖ=ã~äáÅáçìë=ÅçÇÉ=çê=çÄàÉÅíáçå~ÄäÉ=ã~íÉêá~äK=qÜÉ=roië=
ïÉêÉ=ÅçääÉÅíÉÇ=Ñêçã=íÜÉ=éççä=ïáíÜáå=ëáñ=íç=OQ=Üçìêë=çÑ=íÜÉ=íÉëíáåÖ=ïáåÇçïI=íç=
ÉåëìêÉ=íÜ~í=íÜÉ=roië=íÉëíÉÇ=ïçìäÇ=ÄÉ=äáîÉ=çå=íÜÉ=fåíÉêåÉíK=
båÖáåÉÉêë=Éå~ÄäÉÇ=~ää=~î~áä~ÄäÉ=roi=Åä~ëëáÑáÅ~íáçå=Å~íÉÖçêáÉë=çå=éêçÇìÅíë=
ìåÇÉê=íÉëíI=êÉä~íÉÇ=íç=ã~äáÅáçìëLÜ~êãÑìä=å~íìêÉI=çê=çÄàÉÅíáçå~ÄäÉ=ÅçåíÉåíK=
«=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========PMT H E
T H E
WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting
TOLLY
TOLLY
Secure Web Gateways
GROUP
GROUP
qÜÉ=ëÉí=çÑ=roië=ï~ë=íÜÉå=~ÅÅÉëëÉÇ=~Åêçëë=íÜÉ=éêçÇìÅí=ìåÇÉê=íÉëíK=fÑ=~=roi=
ï~ë=Åä~ëëáÑáÉÇ=ìåÇÉê=çåÉ=çÑ=íÜÉ=Å~íÉÖçêáÉë=Éå~ÄäÉÇ=çå=íÜÉ=éêçÇìÅíI=íÜÉ=roi=
ï~ë=ÄäçÅâÉÇK=fÑ=íÜÉ=roi=ÅçìäÇ=åçí=ÄÉ=Åä~ëëáÑáÉÇ=ìåÇÉê=~åó=Éå~ÄäÉÇ=Å~íÉJ
ÖçêóI=íÜÉ=éêçÇìÅíë=ìåÇÉê=íÉëí=ïÉêÉ=ÅçåÑáÖìêÉÇ=íç=ÖÉåÉê~íÉ=~å=~äÉêíK=båÖáJ
åÉÉêë=íÜÉå=Å~äÅìä~íÉÇ=íÜÉ=ÇÉíÉÅíáçå=~ÅÅìê~Åó=çÑ=íÜÉ=éêçÇìÅí=~ë=íÜÉ=éÉêÅÉåíJ
~ÖÉ=ëìÅÅÉëëÑìääó=Å~íÉÖçêáòÉÇ=çê=ÑáäíÉêÉÇ=çìí=çÑ=íÜÉ=ë~ãéäÉ=ëÉíK=qÉëíë=ïÉêÉ=
êÉéÉ~íÉÇ=íïáÅÉ=íç=ÉåëìêÉ=êÉéÉ~í~Äáäáíó=~åÇ=íÜÉ=êÉëìäíë=~îÉê~ÖÉÇK
Criteria Evaluation by UI Inspection
båÖáåÉÉêë=íÜÉå=éêçÅÉÉÇÉÇ=íç=Éî~äì~íÉ=íÜÉ=éêçÇìÅíë=ìåÇÉê=íÉëí=íç=ÇÉíÉêãáåÉ=
íÜÉ=ÉÑÑÉÅíáîÉåÉëë=çÑ=íÜÉ=ìëÉê=áåíÉêÑ~ÅÉ=~åÇ=ÅçãéêÉÜÉåëáîÉåÉëë=çÑ=íÜÉ=ã~åJ
~ÖÉãÉåí=áåíÉêÑ~ÅÉK=qÜÉ=Éî~äì~íáçå=ï~ë=ÇçåÉ=Äó=áåëéÉÅíáåÖ=íÜÉ=ã~å~ÖÉJ
ãÉåí=áåíÉêÑ~ÅÉ=çÑ=É~ÅÜ=éêçÇìÅí=ìåÇÉê=íÉëíI=~åÇ=~äëç=Äó=éÉêìëáåÖ=íÜÉ=éìÄäáÅäó=
~î~áä~ÄäÉ=ÇçÅìãÉåí~íáçå=Ñêçã=íÜÉ=îÉåÇçê=çÑ=íÜÉ=éêçÇìÅíK=cçê=É~ÅÜ=Å~íÉÖçêóI=
qÜÉ=qçääó=dêçìé=ÉåÖáåÉÉêë=íÜÉå=~ëëáÖåÉÇ=~=ëìÄàÉÅíáîÉ=ëÅçêÉ=çå=~=ëÅ~äÉ=çÑ=N=
EäÉ~ëí=ÉÑÑÉÅíáîÉF=íç=Q=Eãçëí=ÉÑÑÉÅíáîÉKF=aÉí~áäÉÇ=êÉëìäíë=ìåÇÉê=É~ÅÜ=Å~íÉÖçêó=
~êÉ=éêÉëÉåíÉÇ=áå=íÜÉ=ÑçääçïáåÖ=ëÉÅíáçåëK
rë~Äáäáíó=ÅêáíÉêá~=ïÉêÉ=íÉëíÉÇ=Äó=ä~ìåÅÜáåÖ=íÜÉ=ã~å~ÖÉãÉåí=áåíÉêÑ~ÅÉ=~åÇ=
çÄëÉêîáåÖ=íÜÉ=Å~é~ÄáäáíáÉë=çÑ=É~ÅÜ=ëóëíÉãK=qÜÉ=ëìÄàÉÅíáîÉ=ìë~ÄáäáíóI=ä~óçìí=
~åÇ=çîÉê~ää=ÉÑÑÉÅíáîÉåÉëë=çÑ=É~ÅÜ=ÑÉ~íìêÉ=Ü~ë=ÄÉÉå=~ëëáÖåÉÇ=~=î~äìÉ=ê~åÖJ
áåÖ=Ñêçã=NI=äÉ~ëí=ÉÑÑÉÅíáîÉ=íç=QI=ãçëí=ÉÑÑÉÅíáîÉ=íç=áåÇáÅ~íÉ=íÜÉ=qçääó=ÉåÖáåÉÉêë=
áãéêÉëëáçå=çÑ=É~ÅÜ=çÑ=íÜÉ=ìåáíë=íÉëíÉÇK=
«=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========PNT H E
T H E
WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting
TOLLY
TOLLY
Secure Web Gateways
GROUP
GROUP
Interaction with Competing Vendors
Fair Testing Charter ™
~åÇ=fåíÉê~Åíáçå=ïáíÜ=`çãéÉíáíçêë
In accordance with The Tolly Group’s process, competitors were
contacted and invited to participate in the test - to review the
test plans, the product levels and configurations of their prod-
ucts and to review and comment on their results.
For more information on this process, please see:
http://www.Tolly.com/FTC.aspx.
Cisco Systems Inc., and Blue Coat Systems did not respond to
the invitation. Trend Micro, Inc. and Secure Computing Corporation agreed to par-
ticipate in the test, and were provided with a test plan. At the completion of testing,
The Tolly Group provided Trend Micro and Secure Computing with the results of
their products, and requested to provide comments. Secure Computing did not
provide official comments on their results.
Trend Micro representatives provided the following comments:
Trend Micro's most current secure web gateway product, InterScan Web Security
Virtual Appliance v3.1 (IWSVA), was not used in this test. The IWSVA product has
improved functionality over the tested product (IWSS) in the following areas:
1. Implementation Model: IWSVA supports bi-direction transparent bridging so
that no client or network re-configuration is needed.
2. Malware Detection: additional capabilities have been added to the IWSVA
product to ensure the highest possible content-based malware detection rates,
further enhancing the URL reputation-based malware detection already in the
product.
3. Performance and Throughput: IWSVA running on a standard off-the-shelf 8-
core server can support up to 10,000 users with full scanning and no notice-
able latency.
«=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========POT H E
T H E
WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting
TOLLY
TOLLY
Secure Web Gateways
GROUP
GROUP
Appendix: Product List



















































Source: The Tolly Group, November 2008
Figure 14
«=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========PP












































Terms of Usage
USE THIS DOCUMENT ONLY IF YOU AGREE TO THE TERMS LISTED HEREIN.
This document is provided, free-of-charge, to help you understand whether a given product, technology or service merits addi-
=
tional investigation for your particular needs. Any decision to purchase must be based on your own assessment of suitability.
This evaluation was focused on illustrating specific features and/or performance of the product(s) and was conducted under con-
trolled, laboratory conditions and certain tests may have been tailored to reflect performance under ideal conditions; performance
may vary under real-world conditions. Users should run tests based on their own real-world scenarios to validate performance for
their own networks. Commercially reasonable efforts were made to ensure the accuracy of the data contained herein but errors
and/or oversights can occur. In no event shall The Tolly Group be liable for damages of any kind including direct, indirect, special,
incidental and consequential damages which may result from the use of information contained in this document
The test/audit documented herein may also rely on various test tools the accuracy of which is beyond our control. Furthermore,
the document relies on certain representations by the sponsor that are beyond our control to verify. Among these is that the
software/hardware tested is production or production track and is, or will be, available in equivalent or better form to commercial
customers.
When foreign translations exist, the English document is considered authoritative. To assure accuracy, only use documents
downloaded directly from The Tolly Group’s Web site.
All trademarks are the property of their respective owners.
qÜÉ=qçääó=dêçìé=áë=~=äÉ~ÇáåÖ=ÖäçÄ~ä=éêçîáÇÉê=çÑ=íÜáêÇJ
é~êíó=î~äáÇ~íáçå=ëÉêîáÅÉë=Ñçê=îÉåÇçêë=çÑ=fq=éêçÇìÅíëI=
ÅçãéçåÉåíë=~åÇ=ëÉêîáÅÉëK
qÜÉ=Åçãé~åó=áë=Ä~ëÉÇ=áå=_çÅ~=o~íçåI=ci=~åÇ=Å~å=ÄÉ=
êÉ~ÅÜÉÇ=Äó=éÜçåÉ=~í==ERSNF=PVNJRSNMI=çê=îá~=íÜÉ=fåíÉêJ
åÉí=~í
ÜííéWLLïïïKíçääóKÅçãI=ë~äÉë]íçääóKÅçã=
båíáêÉ=`çåíÉåíë=`çéóêáÖÜí=OMMU=Äó=
qÜÉ=qçääó=dêçìéI=fåÅK
^ii=ofdeqp=obpbosba
OMUPOSJñÑÅÑëNJââJMOaÉÅMU
«=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========PQ