webinar websense web security gateway anywhere
TRANSCRIPT
Web Security Gateway Anywhere
The Web Security Challenge
Web Technology Trends
Along with Web 2.0, however, comes new risk as traditional URL filtering
and antivirus solutions are rendered ineffective.
Customer relationship and payroll are now delivered over the Web while
social networking is used for recruitment, lead generation, and
marketing.
Dynamic, interactive Web 2.0 technologies have transformed the Web into a core business application platform
© 2010 Websense, Inc. All rights reserved.
Blocking access is not the answer – increasingly the business needs broad Web
access to compete and enable employees to get the job done.
The Web Security Challenge
Dynamic malware protection– Web is THE primary malware distribution platform– AV can’t keep pace
Dynamic acceptable use policy– Traditional URL filtering can’t handle dynamic
nature of today’s Web– Force IT into monolithic ON/OFF policies
Outbound data loss and compliance– Interactive destinations multiply data loss risk– 58% of data stealing malware is Web based
Rising Web security TCO– Managing multiple vendors and products– Supporting the distributed enterprise
Enable secure business use of dynamic, interactive Web resources
OutboundPII, CC#,
SSN, health, financial
Inbound mixed content,
malicious scripts
AV, Filter, DLP
Static URL Filtering is Dead
Gambling
Social
Networking
Inappropriate
Content
Video or Audio
Streaming
Auctions
Understanding the URL is not enough. You must understand and control the content on the page.
Traditional URL
filters, classify this
as “Search”
Is it really?
Complexity Driving Higher TCO
Manage multiple products and vendors– Web, AV, DLP– Multiple boxes, policies, reporting
systems, and relationships Securing the distributed enterprise
– Remote offices lack technical expertise
– May add yet another separately managed SaaS solution
HQ / Large Branch
DLP Manager
Web
DLP Sniffer
Web/AV Manager AV
Branch Offices
Web
AV
DLP Sniffer
SaaS
Remote Users
SaaS
Remote Client
SaaS Console
The challenge – replace ad-hoc Web security with a simple, unified solution
The Web Security Gateway Anywhere Solution
The TRITON Architecture
ApplianceSaaS Software
WebSecurity
DataSecurity
EmailSecurity
Unified Content Security
Unified Management
© 2010 Websense, Inc. All rights reserved.
UnifiedPlatform
UnifiedSolution
The Web Security Gateway Solution
9
The best security against modern threats
• Apply policy to dynamic , interactive Web 2.0 content
• Protect against dynamic and scripted Web threats
• Prevent outbound data loss and establish compliance controls
• Manage use of network applications and protocols
• Gain visibility into encrypted SSL traffic
At the industry’s lowest TCO
• Consolidate multiple products and deployment platforms with
a unified content security solution
Web Security Gateway Overview
TRITON Console
TruHybrid Deployment
Enterprise Proxy Architecture
Advanced Classification Engine1
2
3
4
5
TruWeb DLP
V-Series AppliancesEnterprise-class performance and reliability for on-premise deployments– Scale to 7,500 users per appliance– Support for load balanced, high
availability clusters– Global 24 x 7 phone support– Global 4 hour on-site service– Proven in Fortune 100 environments
Lowest total cost of ownership– Preconfigured, hardened, simple to
deploy– Consolidated Web security: filtering,
AV, real-time scanning, DLP, management
– Investment protection - future support for Web, DLP, email security
V10000 ApplianceHeadquarters/ Large Branch Appliance
Two Deployment Options
V5000 – Medium Business/Branch
V10000 – Headquarters/Large Branch
V-Series AppliancesV-Series Appliances
V-Series Deployment Options
V10000 Appliance
Enterprise HQ / large branchUp to 7,500 usersComponent redundancyInvestment protection– Scale for consolidated
Web AND email (v7.6)– Headroom to grow
beyond 2000 users
V5000 Appliance
Enterprise branch and medium business
Up to 2,000 users
Web OR email appliance (v7.6)
V10000 V5000
DLP
Web
DLP
V5000
Web
DLP
OR Email
DLP
Websense TRITONAdvanced Classification Engine (ACE)
01010101010101011010110111010101
ThreatSeeker
Network
Real-time Content ClassificationExtends acceptable use policy to dynamic content not accurately classified by traditional URL filtering– Password protected, mixed-content, uncategorized, personalized sites– iGoogle, Facebook, LindedIn, Twitter, MyYahoo, etc.
Dynamically classifies content within each Web page “on the fly” – Allow appropriate content, block unwanted or malicious content– Accurate across all 95 Websense categories
14
Unlock the power of the Web 2.0 without compromising productivity and security
Without Websense
15
With Websense
16
Without Websense
Decisions based on past history – not actual content
Simplistic policies lead to over-blocking or poor security – Facebook = BAD , block
all pages– Wikipedia = GOOD, allow unrestricted access
AV and other signature-based technologies protect against known threats only
No practical data loss prevention– Manually configured regular expressions guarantee
false positives, extensive tuning, and wasted time– No best practice compliance policies or reporting– Enterprise-class compliance solution requires
complex and costly third-party integration
YES NO MAYBE
? ??
??
??
?
With Websense
Real-time classification for granular control of content elements within page– Across 95 categories– Actual content versus past reputation
Real-time security scanning for dynamic zero day and scripted malware protection
Native integration of market leading DLP for easy to deploy data compliance controls
Enables organizations to enable Web 2.0 without inbound threats and outbound risks
YESYESMAYBEYESNO
YESMAYBENOYES
Real-time Security ScanningModern threats designed to evade antivirus (AV)– AV blocks known threats – > attacks change or target zero-day vulnerabilities– AV focuses on executables – > attacks are scripted– Leverage complex evasion methods –obfuscation, hybrid Web/email, spear-
phishing
Real-time security scanning protects against dynamic “zero day” and scripted attacks that evade antivirus– Analyzes scripts, executables, URL, reputation, and content “on-the-fly”– Multi-point analytics combine to identify malicious intent
Augments integrated antivirus and malicious URL filtering for complete protection against known and unknown threats
19
JavaScript
Active X
Executables
AppletsCode analyzed – malicious intent blocked
Silverlight
Flash
JavaScript
Active X
Executables
Applets
Silverlight
The ThreatSeeker Network
Threat Detection/Probes
Real-Time Security Updates
Shared Analytics/Feedback
URL and Security Database
WebsenseSecurity Labs™
Websense Hosted Security
1 billion pieces of content per day
10+ million emails per hour
200+ million sites per day
2+ million posts per day
Defensio
WebsenseHosted Customers
Websense Web Security Gateway
ThreatSeeker Technology
ThreatSeeker Technology
Granular web policy creation– 95 URL categories– Control to block, allow,
confirm and use quota
Implement policy for groups and individuals– Integration with
authentication services– Allows detailed policy and
actionable reporting
Flexible policy controls
Advanced Protocol Control
Growth in development and use of network protocols for applications– IM, P2P etc can be implemented using
SSL to create invisibility– Growing security concern for inbound
and outbound communications
Web Security Gateway controls 130+ protocols and applications– Prevent threats from entering network
via non-business channels (e.g. P2P, IM)
– Prevent confidential data from leaving– Preserve bandwidth for business
applications– Control SSL encrypted (e.g.
GoogleWave) and tunneled enterprise applications (e.g. Webified Oracle)
22
TruHybrid Deployment
TRITON Console
SSL
V-Series Appliances
HQ/Branch
SaaS Web Security
Remote Users
Branch
The ONLY solution with unified management of
hybrid on-premise / SaaS deployments
Flexibility to deploy where and how you need it
Secure HQ with on premise appliance
Secure branch and mobile users in the cloud
No need to manage separate policies and reports
2X lower operating cost than competition
TruHybrid in Action
Register branch IP addresses with on-premise Web management
User, group, policy, reporting data automatically synchronized between on-premise manager and SaaS data centers
No remote equipment or client software to support
V-Series Appliance or Dedicated Management
Server
SaaS Web Security
Remote User
Branch
Policy, Users, Groups
Log/Reporting
HQ / Large Branch
Secure branch office and mobile users in minutes
SaaS Service DeliveryHosted from 8 globally distributed data centers– San Jose and Ashburn, United States– Heathrow and Feltham, UK– Dusseldorf, Germany– Paris, France– Hong Kong– Sydney, Australia
Resilient processing clustersAutomatic data center allocation and fail-over– Directs travelling users to nearest geographical data
center– Redirects to nearest alternate in case of failure
PerformanceService Level Agreements:– 100% protection against known viruses– 99.99% service availabilityNo noticeable latency: < 60ms average processing time
Accredited to ISO27001
TruWeb DLP
Native integration of market leading DLP for Web traffic– Predefined compliance data
classifiers, policies, and reporting– Patented precise ID fingerprinting
Simplified DLP and compliance– Single-box Web/DLP enforcement– Unified TRITON interface– Single vendor– Automated compliance best-
practices and accuracy
Web DLP
Simple, Single-Box Enforcement
On-premise deployment (appliance or software)Lower latencyNo unencrypted sensitive data sent over networkLower TCO for complete inbound/outbound Web security– 3X fewer enforcement boxes – PER LOCATION!– 2X fewer management systems– 2X fewer vendors– Lower software license cost– Simple license key upgrade to full DLP
Web Security V-Series
Appliance
DLP Sniffer
DLPWebAntivirusVendor A
Vendor B
ICAP
WebsenseCompetitors
Best Practice Compliance Wizards
Best practice compliance policies automatically enabled in minutes– No need to translate vague or complex regulation into technical DLP policies– Derived from years of experience meeting worldwide compliance requirements
Select
Region
Select
Industry
Select
Regulation
Web User and Destination Awareness
DLP policies and reports include user and Web category information
Accelerate decision making and compliance– Compliance reports immediately reveal sources of outbound risk – what, who, and
where– Separate legitimate business process from compliance violations
Enterprise Web Proxy, SSL Proxy and Cache
Decrease latency for Internet downloadsConsolidate existing proxy deployments– Reduce rack space, power, latency, and support cost
Enable visibility and control of encrypted SSL traffic– Eliminates “blind spot” used to circumvent outbound
control policy (firewall, DLP, Web)– Often used by proxy avoidance sites– Integration with Web DLP enables
inbound and outbound control– SSL bypass supports privacy
exceptions (e.g. banking)
TRITON Console
Role based control for Web and data loss prevention
Simplifies administration for lowest TCO
Expandable to full TRITON unified content security solution– Full enterprise wide DLP (discovery, endpoint, email, etc.) on existing hardware with
simple license upgrade– Preserve investment in existing policies, reports, training, hardware – Future support for integrated email (also running on V10000 appliance)
Unified management of Web, DLP, on-premise, and SaaS
Fully customizable click-through reports
Security AlertMonitoring
Task-basedManagement
System Health Monitoring
Comprehensive Security Dashboard
Task-based Management
Common administration tasks available on all interface pages– Reduce learning curve to manage
product– Reduce time to carrying out
common tasks– Simplify troubleshooting without
user involvement
World Class Reporting
Drill-down reportingdirect from dashboard
Numerous output options: pie chart, bar charts, pdf, html
Integrated policyand reporting interface
Unparalleled VisibilityWhere Your Users are Going
Where Your Data is Going
Where You Are at Risk
Questions?