![Symantec MessageLabs Web Security.cloud Chris Russell ,[object Object],Web Security .cloud – January 2011](https://image.slidesharecdn.com/websecuritycloud-13037756775104-phpapp02/85/Web-Security-and-Network-Security-1-320.jpg)
![Web Security Challenges Web Misuse ,[object Object],Web Security .cloud – January 2011 Defending Against Malware ,[object Object],Enforcing a Web Acceptable Use Policy ,[object Object],An Increasingly Mobile Workforce ,[object Object]](data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7)
Empfohlen
Weitere ähnliche Inhalte
Was ist angesagt?
Was ist angesagt? (20)
Ähnlich wie Web Security and Network Security
Ähnlich wie Web Security and Network Security (20)
Kürzlich hochgeladen
Kürzlich hochgeladen (20)
Web Security and Network Security
- 6. Web Security.cloud Overview Web Security .cloud – January 2011
- 7. Web Security.cloud How it works Clean content is delivered without noticeable delay 3 Web content is retrieved by Symantec.cloud Multi-layer scanning detects Web-borne threats Web Security .cloud – January 2011 A user initiates a Web request which is checked against the customer policies 1 Firewall Firewall Policies determine whether traffic is sent on, flagged or denied. Each request is logged. Internet 2
- 13. Part of a Portfolio of Integrated Cloud-based Services Web IM Email Content Control Image Control URL Filtering Boundary Encryption Policy Based Encryption Archiving Continuity Content Control Recover Secure Control Protect AntiVirus AntiSpam AntiVirus AntiSpam AntiVirus AntiSpyware Skeptic TM EndPoint.cloud Web Security .cloud – January 2011 EndPoint
- 16. Chris Russell [email_address] +61 (0) 2 9086 8285 Web Security .cloud – January 2011
- 17. Web Security .cloud – January 2011
- 20. Market Leadership Web Security .cloud – January 2011
- 21. Email and Web Converged Threats Example Phishing Attack Malicious URLs appear in emails designed to appear legitimate Spoofed or compromised website is used to capture account information or install malware Web Security .cloud – January 2011
- 22. Web Security Deployment Options Web Security .cloud – January 2011 Business Need On Premise Software or Appliance Symantec.cloud Service Block Threats Outside the Network Automatic URL, Virus Signature, and Product Updates Roaming User Traffic Not Routed Through Corporate Network Predictable Costs Managed as OPEX Rapid Deployment Service Level Agreements Unlimited Scalability Built-in High Availability Complimentary 24 / 7 Support
- 34. Industry Leading Service Level Agreement Support Email Web AntiVirus Protection 100% protection from known and unknown email viruses Credit is offered if a client infected by a virus Virus False Positives 0.0001% FP capture rate Credit is offered if we do not meet this commitment Spam Capture Rate 99% capture rate (95% for emails containing Asian characters) Credit is offered if we do not meet this commitment Spam False Positives 0.0003% FP capture rate Credit is offered if we do not meet this commitment Latency Average roundtrip time of 100% of email delivered in less than 60 seconds Credit is offered if latency exceeds 1 minute Delivery 100% delivery guarantee Client may terminate if we do not meet this Service Availability 100% uptime Credit is offered if availability falls below 100% Client may terminate if availability falls below 95% Archiving Service Availability Guarantee 99.9% uptime for archiving network Client may terminate if availability falls below 90% Appliance Replacement Guarantee If appliance fails during the warranty period, MessageLabs will repair or replace the appliance within 3 business days at no cost Technical support / Fault Response critical - 95% calls within 2hrs; major - 85% calls within 4hrs; minor - 75% calls within 8hrs Credit is offered if we do not meet this commitment Web Security .cloud – January 2011 AntiVirus Protection 100% protection against known viruses Credit is offered if a client infected by a virus Latency Average scanning time of 100% of web content is within 100 milliseconds Credit is offered if latency exceeds 100 milliseconds Service Availability 100% uptime Credit is offered if availability falls below 100% Client may terminate if availability falls below 95%
- 36. Web Security.cloud Roaming Use Cases VPN User Payment authorization traffic VPN Traffic Hotel/ Hotspot Internet Data center Web Security .cloud – January 2010 Corporate LAN Non-Corporate LAN Roaming Web User
Hinweis der Redaktion
- Common Web Security challenges that organizations are facing today include: Malware – malicious software designed to steal information or system resources. Without proper defense measures, web-borne malware can cause system downtime, cause data loss, or reduce productivity. Web Misuse – can reduce employee productivity, consume valuable bandwidth resources, and introduce legal risks to organizations in cases where inappropriate material is being viewed by users in view of peers. Enforcing a Web Acceptable Use Policy – implementing a Web Acceptable Use Policy is critical for controlling web misuse. However, without the proper tools, policies are difficult to monitor and enforce. An Increasingly Mobile Workforce – Remote workers and the need to travel for business have made protection for users who access the Web away from the corporate LAN a necessity for many businesses.
- (Note: Please update this slide with the current month ’ s statistics from MessageLabs Intelligence) This slide demonstrates the trends so far in 2010 reported by MessageLabs Intelligence. What you ’ ll notice is that: The volume of blocks has increased 20 % since 2009 The volume of sites with spyware and web-borne viruses is significant 90% of the domains blocked by our service are from legitimate domains that have been compromised. It is important to note that certain Symantec.cloud competitors do not address the remaining 10% due to a dependence on URL filtering alone. Because our service is able to scan all Web content for threats, we are able to provide a more effective defense.
- Workplace Web misuse is another issue organizations must manage to minimize risk and maximize productivity. The analyst community agrees: Web misuse can be expensive impacting both bandwidth and productivity MessageLabs Intelligence has found that many of the blocks that are enforced by our service prevent Web misuse in several forms (reference above information) What is the answer to this problem? Comprehensive URL Filtering that can control Web traffic, prevent bandwidth waste and enforce your policies to protect productivity
- The growing adoption of Web 2.0 and Social media is another area to consider when determining your Web policies. (reference the above statistics) These sites can be addressed using the URL Filtering components of our service by creating rules which block or restrict their use during lunch hours or by placing quota limits upon their browse time and bandwidth consumption.
- Web Security.cloud helps protect your organization from Web-borne threats and enables the control, monitoring and enforcement of Web Acceptable Use Policies with minimal latency. Automatically updated anti-malware layers block threats safely away from your network while URL filtering policies and Web traffic quota limits reduce Web misuse and help you protect your bandwidth. Key features include: Multi-layered anti-virus and anti-spyware defenses – we use multiple commercial scanners and our own patented Skeptic heuristic technologies to detect known and unknown malware threats. We can also detect bots trying to ‘phone home’ for instructions. Skeptic and converged threats - also gathers and shares threat intelligence across our email, Web, and IM security services. Distributed architecture – Our architecture uses globally distributed load balanced servers and caching techniques to maximize availability and deliver service with minimal latency URL Filtering - A highly configurable URL filtering policy engine is included with the service to aid in quickly establishing policies and rules for productive Web use. Enables you to create and enforce a Web Acceptable Use policy with rules based on Website categories, content types, and overall usage levels for Web traffic requests to adhere to when submitted by a user. Helps protect corporate bandwidth and productivity by blocking or restricting downloads of certain file types and placing time and volume limits on Internet consumption Roaming user support options – allows protection and policy enforcement to be applied to users when they are outside the corporate network Dashboard, summary and detailed reporting - is available to provide insight into Web usage and service effectiveness.
- This slide will help you understand how Web Security.cloud works. Web Security.cloud examines the web traffic requests your users initiate and checks them against the policies you create. If a policy rule is triggered, the web request is either logged and allowed to pass or is denied. If no policy rules are triggered the web request is allowed to pass Web page requests are retrieved and scanned by Symantec.cloud using multi-layer malware scanning technologies. If a threat is detected, the web page request is denied and the user is notified with a message in their web browser (which you may choose to customize) If no threats are found, page content is delivered with no noticeable delay
- Do you have “road-warrior” workers? Frequent travelers? Are you worried about security for these users when they are outside of your network? Today’s workforce is increasingly mobile and almost anywhere can be a workplace. Smart Connect for Web Security.cloud helps you protect these users in a variety of environments and aids in enforcing your Acceptable Use Policies for users who are located away from your corporate LAN.
- Smart Connect provides several distinct values to customers with highly mobile workers
- This slide lists a few of the benefits that can be seen from using the Web Security.cloud Service (follow the content above)
- With several choices in a hosted security service for your Web users, what makes the Symantec.cloud solution unique? (Follow above content)
- Web Security.cloud is delivered using a global infrastructure which is designed to provide highly secure, available and reliable delivery of your service.
- One of the benefits of selecting Symantec.cloud as your hosted services provider for Web Security is the fact that we also provide a broad portfolio of other integrated services which can be paired with your service. The result is a comprehensive and unified approach that saves you time, is scalable to your needs and is provided from an industry leader in hosted services.
- Web Security.cloud stands out against the competition for a variety of reasons including: Our service delivers multi-layered protection without noticeable delay to your users Our URL filtering is highly accurate and posesses over 80 categories to select from, resulting in a low volumes of unclassified sites. Our service is delivered using a truly global, highly available infrastructure. Our infrastructure allows us to provide the service to you with minimal latency – something we also back up with our industry leading SLA. Web Security.cloud provides a means to make web use in your organization productive and compliant with the company Web Acceptable Use Policy. A hosted service, Web Security.cloud leverages multiple commercial scanning engines, blocks threats away from your network, can be deployed rapidly, requires no on-premise hardware or software, is updated automatically, is highly available, and offers a the advantage of predictable costs that can be covered through an OPEX budget. Support for roaming and remote users is available to help you protect and enforce policies for your users when they are located away from your corporate LAN. Our industry leading Service Level Agreement provides money back remedies if performance levels are not met.
- An important Symantec.cloud differentiator is our ability to provide converging threat analysis. Here we see a few examples of threats that were delivered using various protocols. It’s important to note that these work in conjunction with one another to attack customers from multiple points of entry and achieve the same goal of exposing them to dangerous malware In the first example, an email that is meant to appear legitimate and is intended to appear as having been sent from a trusted sender contains a Web link which will direct the recipient to a malicious website. In the second example, an instant message has been sent from another user’s messaging client to someone on their contact list in order to make the attack appear as having been sent by the friend, colleague or acquaintance. The final example is a website that while appearing legitimate, is in fact, compromised and contains/ is hosting malware
- Workplace Web misuse is another issue organizations must manage to minimize risk and maximize productivity. The analyst community agrees: 1.the browser is a prime gateway for attackers to leverage and 2. Web misuse can be expensive impacting both bandwidth and productivity MessageLabs Intelligence has found that many of the blocks that are enforced by our service prevent Web misuse in several forms (reference above information) What is the answer to this problem? Comprehensive URL Filtering that can control Web traffic, prevent bandwidth waste and enforce your policies to protect productivity
- Gartner Magic Quadrant for Secure Email Gateway, Peter Firstbrook, Eric Ouellet, April 2010 Gartner Magic Quadrant for Secure Web Gateway, Peter Firstbrook, Lawrence Orans, January 2010 Ranked #1 by IDC for Worldwide Messaging Security Hosted Services with revenue nearly 2x that of the next closest provider. (Burke, Brian. IDC Market Analysis, “Worldwide Messaging Security 2009 – 2013 Forecast Update and 2008 Vendor Shares: Is Virtual a Reality?” July 2009, IDC #219270)
- Hackers and Cyber-criminals often execute converged attacks, which leverage multiple communication protocols. A common approach is to use an email or instant message to convince a user to click on a URL, which takes a user to a spoofed or compromised web site. In fact, according to Symantec and MessageLabs research, more than 90% of email is spam, and more than 90% of spam emails contain a URL.
- A hosted approach to Web security enables customers to receive the benefits of an appliance based solution but a more affordable option that includes unlimited scalability and an easier means of controlling risk and cost. Let’s compare Web security deployment options: Blocking threats outside the network – On premise/appliance solutions look at content locally while Symantec.cloud services block threats at the Internet level, away from your network. Automatic URL, virus signature, and product updates – On premise/appliance solutions require regular signature and URL categorization updates, which need to be monitored by your staff. In addition, to access new features and fix bugs, administrators need to apply patches or manually deploy upgrades. Symantec.cloud services handle these activities automatically, leaving your resources free to focus on more critical business operations. Roaming User traffic not routed through corporate network – On premise/appliance solutions typically require roaming user traffic to be routed through the corporate network in order to flow through a gateway device before reaching a target web server. Web Security.cloud allows roaming users to send web requests directly through our service. Predictable costs – On premise/appliance solutions have significant upfront costs and require staff time to perform support and maintenance. Symantec.cloud services have a regular and recurring monthly cost which covers maintenance and support providing a means to budget and anticipate costs. Rapid deployment – Implementing on premise/appliance solutions can require IT resources to manage hardware purchasing, shipping, software downloads, configuration, and testing. Often this work needs to be performed in multiple physical locations. Web Security.cloud service can be deployed in hours. Service level agreements - On premise/appliance solutions typically lack service level commitments for performance. Our SLA provides money back remedies if performance levels are not met. Unlimited scalability- On premise/appliance solutions require additional equipment, software licenses and deployment costs to scale as user populations and coverage needs increase. MessageLabs hosted services are easily and quickly scaled to growing needs and new users can be quickly added regardless of site location. Built-in high availability- On premise/appliance solutions can experience failures and downtime, which expose your business to periods of risk until repairs are made. Symantec.cloud services are delivered through our global network of data centers to ensure high availability and minimal latency. Complimentary 24 / 7 support- On premise/ appliance solutions often require an additional contract or per incident fees for support while Symantec.cloud services include support as part of your subscription.
- Do you have users who are small, or home office users? Remote Connect for Web Security.cloud helps you to protect these users who are less mobile, yet not located on your corporate LAN. Remote Connect helps you to extend protection and policy enforcement to these workers as if they were inside your corporate LAN
- Threats are converging across many protocols making one form of defense not always enough. Symantec.cloud combines a single management console with a common threat detection architecture that integrates across hosted Web, email and Instant Messaging services. Detecting threats across these protocols and through our global infrastructure allows Symantec.cloud to rapidly detect new dangers. Using Symantec.cloud as your one-stop source for all of your security needs also delivers the benefits of having one trusted supplier, and uniting your service management under one intuitive interface saving you time and money.
- Web Security.cloud is managed through an online portal known as ClientNet. The portal can be used to manage multiple Symantec.cloud services and provides you with reporting, policy management, user administration and online help functionality.
- The portal features comprehensive reporting options for your service. Dashboard, Summary and Audit reports are available to help you monitor user activities and the performance of the service. (Summary and Audit reports may be performed with fixed or custom date ranges)
- Detailed Reports are available and include several options to help you monitor the activity of the service
- The dashboard is a quick at-a-glance view of your service ’ s activities and helps you to see recent trends.
- Our URL filtering policy engine features over 80 categories to select from, and supports multiple categories for a single URL. This means you are able to create comprehensive and granular policies for your users to support the enforcement of your Acceptable Use Policies
- Our URL Filtering is also flexible and configurable to help you address the needs of different users and groups
- A URL lookup tool is also provided that aids in creating custom policies quickly and easily
- Another helpful capability is the option to configure policies for users and groups that restrict access based on categories, specific sites, time of day, browse time and bandwidth consumption. This can be a particularly helpful way of protecting bandwidth and preserving user productivity.
- So what do we do? We operate in the email and web security markets protecting our customers from threats such as viruses, spam and inappropriate content Essentially there are 3 main models to provide security in this area. - Software, the traditional solution which sits at the desktop or server on the right had side of this visual - and remains the principle focus of the likes of Symantec and McAfee. - Appliances which combine software and hardware and have some advantages in terms of ease of configuration and use. And - Managed services, which in the case of Symantec.cloud and some others, sit ‘ in the cloud ’ closer to the source of the threats. It is important to state that we do not advocate getting rid of desktop software, which still has part to play in an overall security solution Symantec.cloud focuses exclusively on services because we believe it has a number of inherent advantages as outlined on the slide:- - Fundamentally services and esp ML do a better job of protecting the customer because sitting where do we are closer to the threats and there are clever things we can do around identifying them. We back this up with the strongest SLAs in the industry. - Services are quick and easy to set up have a totally predictable cost and a lower TCO because you are essentially outsourcing your security to experts who can benefits from economies of scale. - Our service works independent of your OS or technology platform and you can have better load balancing of traffic and redundancy across our global network shown on the right there. - And lastly because we filter out all the rubbish before it gets to you, you use less bandwidth and put less strain on your systems (mail servers etc).
- Email (7 slas), Web (3 slas), Archiving (2 slas), and Support (1 sla).
- Hosted Services are particularly well-suited for the challenges and needs of businesses trying to address messaging security.
- Note: not to be shared without an agreement in place.