Web - Elmec Vision

Websense TRITON
Raggiungere un elevato livello di integrazione di soluzioni e piattaforme
grazie ad una nuova ed unica suite dedicata alla sicurezza dei
contenuti
Ferdinando Mancini – Sr. Sales Engineer
web security | data security | email security
© 2010 Websense, Inc. All rights reserved.
Websense Milestones
Unified Content Security
Websense Evolution
Real-time security & content management
Essential Information Protection™
Web Filtering:
Block inappropriate
content in the
workplace
1994
Manage
Internet
access for
productivity
2000
Protect by
blocking access
to compromised
sites;
ThreatSeeker™
technology
2004
2006
2007
2008
2009
2010
Acquired Inktomi Traffic Server
500 Mil $ investiti negli
ultimi 2 anni in Ricerca
e Sviluppo
Acquired Port Authority Technologies
Acquired SurfControl
Investment & Innovation
Acquired Defensio
© 2010 Websense, Inc. All rights reserved.
Websense – Innovazione e Leadership
Innova&on First to market with phishing protec2on Nov ‘02 First to market with drive‐by and backchannel spyware protec2on First to market with crimeware/keylogger protec2on Nov ‘02 Nov ‘04 47 Brevetti Mondiali
Feb ‘06 First to add natural language processing to DLP. Jun ‘07 106 richieste in via di approvazione
First to market with bot network protec2on First to deliver Web‐eMail‐Data bi‐direc2onal security intelligence Dec ‘07 First to market with dynamic Web 2.0 content categoriza2on Mar ‘08 First to create an Internet HoneyGrid that melds honeypots and advanced grid compu2ng capable of parsing one billion pieces of content daily Mar ‘08 First to deliver a hybrid virtual service plaOorm combining the best of appliances and cloud‐based services Feb ‘10 © 2010 Websense, Inc. All rights reserved.
La security tradizionale e’ inefficace
See the proof for
yourself at the:
Security
Effectiveness
Center
hQp://securitylabs.websense.com/ Numero di Real Time secutity
Update
© 2010 Websense, Inc. All rights reserved.
La security tradizionale e’ inefficace
hQp://securitylabs.websense.com/ Numero di virus non conosciuti
bloccati
© 2010 Websense, Inc. All rights reserved.
L’URL Filtering statico è
insufficiente
AUCTIONS
VIDEO OR
GAMBLING
AUDIOe’ insufficinete,
IL
controllo URL statico
STREAMING
e’
necessario riconoscere il contenuto.
SOCIAL
NETWORKING
INAPPROPRIATE
OR LEGALLY
LIABLE
CONTENT
© 2010 Websense, Inc. All rights reserved.
The best modern security at the lowest total cost of ownership TRITON Architecture
Unified
Solution
Web
Data
Email
Security Security Security Unified Content Security
Unified
Platform
SaaS Appliance Software Unified
Management
© 2010 Websense, Inc. All rights reserved.
Websense TRITON
Advanced Classification Engine (ACE)
ThreatSeeker Network 0101010101010101
1010110111010101
7.5 Product Features - WSGA
 DLP Integration with Web Security Gateway
– Will be first vendor to truly integrate DLP and WSG
– Eases customer entry into DLP by making it a feature in their existing
gateway – will result in more DSS customers
– Increases value proposition for WSG by adding market leading content
control – will result in more WSG customers
 Hybrid Hosted/On-Premise Solution for WSG
– Will be first vendor to deliver a hybrid solution
– Gives customers flexibility on how they deploy WSG – in cloud, onpremise or both
 Web Security and Proxy features
– Real time security and content classification
– Multiple authentication realms
Hybrid Web Security Gateway Solution
Integrated Policy & Repor&ng (7.5) Websense Hosted Web Security WCG
WSG
NA
NA
SSL
ThreatSeeker
®
TECHNOLOGY
Websense Security Labs
Integrated Data Security
Websense Hosted Web Security Integrated Policy & Repor&ng (7.5) WCG
WSG
NA
NA
SSL
Unified Management & On‐Board DLP (7.5) ThreatSeeker
®
TECHNOLOGY
Websense Security Labs
7.5 features
Feature Func&on Benefit Hybrid Web Security 1. Deploy Web Security Gateway across a distributed enterprise using a mixed‐method of on premise and cloud‐based deployments Extend Web security policy controls to the branch office and mobile worker Manage your en2re mixed‐method deployment – across both on premise and cloud deployments – through a single management plaOorm 1. WSG provides visibility and control over outbound content over web traffic by inspec2ng web and other channels Visibility into company assets (intellectual property, employee data, etc.)that are being communicated over the Web Visibility into regulated content (PII, PCI, PHI, others) 1. WSG allows bypassing SSL traffic based on the Category for easier SSL configura2on Mul2ple authen2ca2on realms will be supported for proxy authen2ca2on Applica2on recogni2on in the proxy for Web traffic without requiring Network agent. Support for the 2008s‐ ISA 2008 plug‐in, SQL 2008 compa2bility 1. 2. 3. Web Data Loss Preven&on 1. 2. 3. Ease of Deployment 1. 2. 3. 4. 2. 3. 2. 3. 2. 3. Customize your Web security with a flexibility architecture to efficiently cover your en2re enterprise, without deploying and suppor2ng addi2onal IT resources Deploy persistent policies and centralized repor2ng anywhere across the enterprise, from the corporate site to the branch office and mobile worker Op2mize your Web security configura2on and reduce costs and 2me to value with centralized management and repor2ng of all of the users in the enterprise Monitor and protect Web communica2ons for confiden2al data and prevent data loss Data leakage preven2on built into the WSG product proxy not requiring addi2onal hardware. Demonstrate compliance with industry regula2ons to avoid penal2es, failed audits, and bad press. Op2mize network deployment by transparent deployment across different domains in the enterprise. Demonstrate compliance with security policies, minimize security risks and manage produc2vity by keeping an eye on applica2on usage in web channel Expand the deployment op2ons and future proof the investment © 2009 Websense, Inc. All rights reserved.
14
Web Security Gateway Anywhere
Key Features and Functions
Feature Real‐&me Scanning Web Security Gateway Anywhere Func&on 1. RTCC for Acceptable Use Policy monitoring and enforcement for dynamic, Web 2.0 sites, 2. RTSS for visibility and control over malware on dynamic Web 2.0 sites 3. Effec2ve iden2fica2on of previously unseen web content (such as private proxy avoidance servers, content behind registra2on) Hybrid Web Security 1. Deploy Web Security Gateway across a distributed enterprise using a mixed‐method of on premise and cloud‐based deployments 2. Extend Web security policy controls to the branch office and mobile worker 3. Manage your en2re mixed‐method deployment – across both on premise and cloud deployments – through a single management plaOorm 1. WSG provides visibility and control over outbound content over web traffic by inspec2ng web and other channels 2. Visibility into company assets (intellectual property, employee data, etc.)that are being communicated over the Web 3. Visibility into regulated content (PII, PCI, PHI, others) Web Data Loss Preven&on Network Protocols and Applica&on Control 1. Monitor and control over 130 protocols and thousands of applica2ons, including IM and P2P 2. Automa2c updates for new or updated applica2ons Enterprise‐wide 1. Single console to manage policies and reports across a distributed, mixed‐method deployment Management and Repor&ng 2. Drill‐down capabili2es from dashboard to more details behind sta2s2cs 3. Deploy sites on the V10000 G2 appliance as a plaOorm solu2on Leading Price Performance 1. Integrated content security 2. Industry leading plaOorm 3. Market‐leading technology 4. Global services and Support Web 2.0 Visibility, Protec2on & Control Real‐&me Content Classifica&on Real‐&me Security Scanning Applica&on Recogni&on and Detec&on An&‐Virus • Classifies content into filtering categories by extrac2ng and analysing webpage elements • Security‐focused analysis of threats • Proven technology from ThreatSeeker Network • Analyses executables and non‐web‐based files • Tradi2onal virus detec2on using 3rd party engine 16
Content Classification Stack
Websense Technology Web Exploit: Profiling aka RTCC/SS Reputa2on File Scanning (An2virus) URL Filtering Uniqueness • Real‐2me content/security scanning • Dynamic exploit profiles for detec2on for known and unknown exploits • Obfusca2on and shell code analysis and Web kit detec2on profiles • Real‐2me… Websense is the ONLY vendor to do this • 9 point reputa2on analysis (property, lexical, Web 2.0, neighbors, search, history, age, and geography) • URL filtering of exploits & malware detected via founda2onal infrastructure • Real 2me “push” of reputa2on filtering updates • 40+ updates (on average) every day • Third Party AV signatures for known file based threats • Websense signatures for known file based threats • Integrated heuris2cs and generic aQack signatures for unknown aQacks • Real 2me “push” of signature updates • 40+ updates (on average) every day • Most mature URL filtering on the market • Supported by Email, Web 2.0 (Defensio), and Honey Pot feeds (1 billion pieces of content analyzed every day) • 80‐100 updates (on average) every day 17
Applica2on Scanning Content Stripping HTTP 8080 HTTPS 8070 Web Security Content Threat Scanning WTG Plug‐in Real‐Time Categoriza2on Applica2on Control WSG Data Flow and Analysis
Proxy/Cache 18
Network Footprint Consolidation
 Appliance cost
Internet

Internet Firewall 
Mul$ple appliances 
Web Proxy & Caching SSL Decryp&on 
V10000 PlaZorm An&‐Virus Web 2.0 Exploits URL Filtering DLP* Users * DLP integrated in V7.5 
consolidation
Reduced power
consumption
Reduced network footprint
Improved latency
Faster change
management
Centralized management
Combining Network Agent and APD
V10000 (Explicit) PAC files WPAD (DNS, DHCP), GPO, SMS Users Other protocols over HTT
APD P Other TCP HTTP / HTTPS Router Network Agent Firewall WCCP v2 Internet
(Transparent) WCG Q&A