Websense Web Security Gateway

abdomendebonairΑσφάλεια

2 Νοε 2013 (πριν από 3 χρόνια και 9 μήνες)

238 εμφανίσεις

Websense Web Security Gateway

Product Overview

Agenda


About Websense


The Changing Security Landscape


The ThreatSeeker Network


Web Security Products Overview


Takeaways




2

3

About Websense


Leading Provider of Web, Messaging and

Data Security Solutions


Annual Billings: $356m +


Employees: 1,250


43 million subscription seats


5,000 value
-
add resellers, worldwide


Award
-
winning partner program


Global development with ~5 sites


Global security research with >80 dedicated
content researchers


Global support and services


“Today’s enterprises require a more holistic and integrated approach for
Internet security

a Web security ecosystem

to combat emerging threats
from the Internet… Websense is the worldwide leading vendor in the Web
Security market.”


-
Brian Burke, Program Director Security Products, IDC

Websense Integrated Solutions

The Changing Security Landscape

Desktop of Yesterday

Local applications

and data

Network applications

and data

Basic Web

Applications

Static Websites

Desktop of Today

Local applications

and data

Network applications

and data








Corporate Webmail








Instant Messaging








Hosted Applications

Blogs








Local Weather















Hosted Security

Email Security

YouTube Videos















Networking

User

Generated

Applications

Hosted

Security

Hosted Applications

and Data

User

Generated

Content

Web
-
Based Mashup

Today’s Webscape

8

Top 100 sites

Next 1 million sites

Next 100 million sites

THE DYNAMIC WEB



Constantly changing content



Millions of
varied

pages per site



Legitimate sites compromised



Legacy security systems obsolete



Requires real
-
time content analysis

THE KNOWN WEB



Current events, regional, genre sites



Less user
-
generated content



Reputation, URL databases fairly


effective

THE UNKNOWN WEB



Junk, personal, scam, adult, etc.



Million of new sites appear daily



Reputation and URL databases


can’t keep up



Requires real
-
time categorization


and real
-
time security scanning

Web Traffic

77 percent of Web sites with malicious
code are legitimate sites that have been
compromised

The Truth About Web 2.0


The Web is changing dramatically affecting how
people work, communicate, and collaborate


End
-
users and business units increasingly demand access to
Web 2.0 tools and applications


Many organizations now view Web 2.0 as
“mission critical”


Lack of visibility and policy control over Web 2.0


Legacy security controls don’t protect against new threats


IT cannot safely support new business initiatives


Monolithic ON/OFF policies for the most widely used and
dynamic sites are rarely satisfactory


User
-
generated content multiplies chances of data
loss


Data leaks on the web are irreversible, and can rapidly spread
to enormous proportions


9

Web Security Gateway

WEBSENSE CONFIDENTIAL

Websense Web Security Gateway

11

Websense Web Security Gateway


Break
-
through solution for Web 2.0

security challenges


Apply policy to dynamic web content
without blocking all access


Protect against dynamic Web 2.0 threats


Application Control


Visibility into all Web traffic


including SSL
encrypted traffic

WEBSENSE CONFIDENTIAL

Websense Web Security Gateway


Websense Web Security Gateway allows you to:


Take advantage of Web 2.0 technologies


Improve productivity/collaboration


Foster closer customer relationships


Optimize business processes


Improve employee satisfaction



And do it securely


Implement effective policy control over user generated content


Control dynamic threats


Manage the use of unsanctioned network applications


Provide visibility and control over inbound and outbound
communications


12

70 percent of the top 100
sites either hosted
malicious content or
contained a masked
redirect

WEBSENSE CONFIDENTIAL

Effective Control of Dynamic Content


Control “personalized content” such as iGoogle


Content only visible once user logs in


Multiple sources/categories of data on a single web page



Websense can securely enable benefits of Web 2.0


Allow appropriate content, block unwanted or malicious content


13

WEBSENSE CONFIDENTIAL

Dynamic threat protection


Threats designed to evade anti
-
virus detection


Active scripts, obfuscated code


Converged threats


Social Engineering



ThreatSeeker prevents zero
-
day and dynamic threats


Dynamic threat identification and protection


Integrated anti
-
virus protection
(available in v7.1)


14

JavaScript

Active X

Executable
Files

Applets

Code analyzed


malicious intent blocked

Active X

Executable
Files

Applets

WEBSENSE CONFIDENTIAL

Advanced Protocol Control



Huge growth in development and use of
network protocols for applications


IM, P2P etc can be implemented using
SSL to create invisibility


Growing security concern for inbound
and outbound communications



Websense Web Security Gateway can
control over 130 network protocols


Prevent threats from entering the
network


Prevent confidential data from leaving
your business


Preserve bandwidth for business critical
applications

15

WEBSENSE CONFIDENTIAL

Visibility into all traffic


Volume of SSL traffic has rapidly increased


Rising adoption by web
-
applications


Can circumvent defined policy by making content “invisible”


Used by proxy avoidance sites



Complete visibility helps eliminates “blind spots”


Control over inbound and outbound content


Integration with Data Security Module enables inbound and
outbound control over content

16

WEBSENSE CONFIDENTIAL

Integrated Web Proxy and Cache


Built on carrier
-
class proxy and cache platform


Enables visibility and management over web and SSL encrypted
traffic


Decrease latency for Internet downloads


Increase performance



Consolidate existing web proxy deployments and projects


Save time, money, space and resources

17

WEBSENSE CONFIDENTIAL

Control over outbound content


Limit risk of loss of revenue, regulatory penalties, lawsuits,
brand reputation damage, and loss of good faith



Prevent confidential information from leaving your network


Analysis of all web and SSL encrypted traffic



Limit exposure to data loss through applications and
spyware transmitting data out of the network


Broad control over network protocols


Allow only IT sanctioned protocols

18

Comprehensive Security Dashboard

Fully customizable

click
-
through reports

Security Stats

Workflow

Health check

Task
-
based Management


Common administration tasks
available on all interface pages


Reduce learning curve to manage product


Save time and resources carrying out
common tasks


Simplify troubleshooting without user
involvement

20

Flexible Policy Controls


Granular web policy creation


95 URL categories


Control to block, allow, confirm
and use quota



Implement policy for groups
and individuals


Integration with authentication
services


Allows detailed policy and
actionable reporting

World Class Reporting


Fully integrated management and reporting interface


55 built in reports


Drill
-
down reporting direct from the dashboard


Granular reporting


Build reports based on over 1200 elements


Create actionable reports to the group, of even individual user level


A wide choice of report output options to suit your needs including
html and pdf with bar and pie chart options


Generate customized reports quickly and easily


View customized reporting directly from the main dashboard view


No external scripting or Command Line Interface access required

23

World Class Reporting

24

Integrated management


and reporting interface


Numerous options for

report output


Drill
-
down reporting

direct from dashboard


Web Security Gateway deployment

26

SSL

Websense Security Labs

ThreatSeeker
®

TECHNOLOGY

Data Security

Module



WCG


WS V7

NA

V10000

ThreatSeeker
®

TECHNOLOGY

WEBSENSE

Web Security

Gateway

Introducing the Websense V10000


The world’s best Web Security Gateway



Enterprise & ISP grade proxy cache



Passive traffic control



Hardened & Secure Services



Market leading price/performance



Platform architecture for EIP

High Performance Networking

& Extensible Platform

Full User

Authentication

SSL Decryption

Caching

Explicit/Transparent

Deployment

High Performance Networking

& Extensible Platform

Web Security

& URL Filtering



Unique real
-
time content


classification for Web 2.0



Market leading URL database



Integrated anti
-
virus



Advanced Web
-
Centric analytics


for known and unknown threats

Resources

CPU

CPU

CPU

CPU

CPU

CPU

CPU

CPU





WCG



WS V7

NA

V10000

High Performance Networking

& Extensible Platform

Web Security

& URL Filtering


Application Control




Monitor & Control 130+ protocols



Automated updates for emerging


and updated apps



Control IM, P2P, etc. risks

High Performance Networking

& Extensible Platform


Web Security

& URL Filtering

Application Control




Industries most robust policy


management capabilities



Unique scalable & distributed


architecture



Multi
-
admin control domains

Enterprise Class

Policy Management

V10000 Appliance Management GUI


Simplicity and Optimization Through Virtualization

Management
integration

(Roadmap)

Websense Hosted

Web Security

Websense Web Security Architecture

36

36

SSL

Websense Security Labs

Data Security

Module



WCG

WS V7

NA

V10000

ThreatSeeker
®

TECHNOLOGY

WEBSENSE

Web Security

Gateway

ThreatSeeker
®

TECHNOLOGY

V10000 Benefits

In addition to the security benefits of WSG, V10000 offers:


Lower Total Cost of Ownership


Consolidate hardware requirements


Save resources for space, power and maintenance


3 year hardware warranty included


Increased Security


Hardened operating system


Simplified deployment and management


V10000 is pre
-
installed with all software


Elimination of OS patching/upgrades


All software upgrades managed by Websense


Ability to stop/start/restart application modules quickly & easily


High
-
Performance Architecture


Designed to be scalable, flexible and extensible



38

What would you do?

39

iGoogle


Websense View

40

What about this?

41

iGoogle


Websense View

42

How Competitors Deal with Web 2.0


Backwards
-
looking technology


Decisions on entire


sites based on past

reputation


not

content


Web 2.0 sites content


are considered all

“good” or all “bad”


Facebook =
BAD
, block all pages


Wikipedia =
GOOD
, allow unrestricted access


Simplistic, non
-
granular policies can lead to
over
-
blocking and frustration



YES

NO

MAYBE

?

?

?

?

?

?

?

?

How Websense Deals with Web 2.0


Inline, real
-
time classification of all content,
at any level within a site.


Comprehensive Web 2.0 malware
protection


Dynamic threats, malicious scripts, infected
Web objects, browser
-
based applications


Granular policy controls based on actual
content


not past reputation


Enables organizations to allow access to
large Web 2.0 sites without allow unwanted
content or malware


YES

YES

MAYBE

YES

NO

YES

MAYBE

NO

YES

The ThreatSeeker Network

46

Websense Security Labs and ThreatSeeker


Websense Security Lab updates


Provides automatic updates to WSG databases and rules


Defends against “zero
-
day” attacks


Updates provide links to additional threat / category details


Recognized leader in security research


Discovers and investigates Internet threats 24*7


Publishes findings to the security community


Global operations (
Americas, EMEA, APAC)



First to Market with


Phishing protection


Drive
-
by and backchannel spyware protection


Bot

network protection


Crimeware
/
keylogger

protection


First and most effective protection against


Storm attacks, ‘Italian Job’, Dept of Justice
trojan


Super Bowl site Compromise + malicious code distribution


Samsung, Microsoft, Google compromise + malicious
code distributio
n




URL & Security

Database

Expanding the ThreatSeeker Network

Websense Security Labs

ThreatSeeker
®

TECHNOLOGY

Threat detection / probes

Shared analytics / feedback

Real
-
time security updates

Websense Hosted Security

ThreatSeeker
®

TECHNOLOGY


WEBSENSE

Web Security


Gateway

Websense

Customers

Websense

Hosted

Customers

40+ million sites

per hour


10+ million

emails per hour

1 billion pieces of

content per day

Web 2.0

Sensor

48

Web 2.0 Effectiveness #1

Revolutionary performance


Websense dominates the test
focused on blocking threats
and categorizing dynamic
content on Web 2.0 sites like
BlogSpot,
WordPress

and
other Web 2.0 sites


Most competitors simply block
all access to these categories
of sites or rely on Web
Reputation systems that are
ineffective for popular sites that
contain a wide range of content


Secure Computing (now
McAfee) finishes a distant
second, well ahead of the rest
of the pack

49

Key Take
-
Aways


Websense makes Web 2.0 work


Other vendors take blunt ON/OFF approach


Websense is unique in categorizing all content

and malware in dynamic sites



We provide better, unified security


Unrivaled expertise in proactively finding threats


We don’t rely on collection of OEM components


Integrated inbound and outbound protection


Protecting your Essential Information requires

contextual knowledge


No other vendors can build comprehensive

policies around WHO, WHAT, WHERE, HOW


Websense is the clear market leader


By far the largest market share in Web security


Technology leadership in DLP


Comprehensive set of products covering Web,

data, and messaging security

Want a Product Demo?



View online video demo



Attend a weekly demo Webcast