Upload
trevor-ford
View
217
Download
0
Tags:
Embed Size (px)
Citation preview
The challenge
• Legitimate sites are now the biggest source of malware, safe surfing practices are not enough.
• Even legitimate websites, inadvertently spreads malware or act as phishing sites
– Ad networks– Exploited sites– Inserted malicious content– Drive-by infections
A trend that we have observed is that hackers will insert their malicious code into legitimate JavaScript hosted on the website.
- nakedsecurity.sophos.com
“The Web has become the new threat vector of choice by hackers and cyber criminals to distribute malware and perpetrate identity theft, financial fraud and corporate
espionage.” -- IDC
Attackers often use websites to conduct phishing attacks or distribute malware(…) In many cases, these sites are legitimate websites that have been compromised by malware, SQL injection, or other techniques in an effort by attackers to take advantage of the trust users have invested in them.
- Microsoft Security Intelligence report 14
Avenues of Attack
• Top Five Categories for Entering Malware Networks by Percentage of Requests
Source: Blue Coat Systems 2012 Web Security Report
June 2012:9500 new malicious websites every day
The Solution: Norman SecureSurf
• Easy-to-use Web Security solution for businesses of all sizes
– Prevents web-based infections by monitoring websites for malicious content
– Increase productivity of your company by regulating internet usage through category-based web filters.
– User friendly interface including extensive statistics and reports.
• Hosted service– No installation of software / hardware
required– Set up on the fly, fully functional within hours
Layered Security – Stronger Protection
Categorization
Built-in malware
protection
Client security
Prevent access to unwanted
sites
Protects against
infections on allowed
sites
Increases the level of protection
Categorization – First line of defense
Shopping
Gambling
Business
IM
Security
Business
Web Filter
Porn
Secures The Network
Environment
Manages Bandwidth
Enforces Business-focused Internet
Access
Reduces Liability
Built-in malware protection
UnprotectedAll traffic allowed to the end-users
Protected with SecureSurfAll Web addresses are tested against a continuously updated list of malicious websites, blocking them immediately
Client protection
Clear warning
directly in web browser
Stay protected, even when
you’re out of the office *
* Requires local installation of SecureSurf agent
Clear end-user information
Why Web Protection as a Service?
• Lower upfront costs • Ease and Speed of Deployment
– No on-site hardware or software to maintain, upgrade, or support
– Simply redirect Web traffic• Fixed operational expense instead of a
capital expense
• Protect your users, even when not in the office
Cloud-based Web Protection
• Features & Benefits– Shields networks from malware,
adware and viruses – Protects employees; improves
productivity – Allows filtering at company or
workgroup level– Easy set up and deployment– Intuitive browser-based Web
Portal Access for Administrators
Customized filteringPre-defined
restriction groups
Customize your own filter
Block or allow based on domain name, country or
category
Protect even when out of the office
Protect your networkby enforcing SecureSurfDNS through DHCP or SecureSurf agent
SecureSurf server
Protect remote usersby enforcing SecureSurf DNSthrough SecureSurf agent
Agent allows for individual policies
SecureSurf
Agent allow for individual policies
and protects mobile users when they’re not in the
network
Block access on network level
SecureSurf – Summary
• Easy-to-use Web Security solution for businesses of all sizes
– Prevents web-based infections by monitoring websites for malicious content
– Increase productivity of your company by regulating internet usage through category-based web filters.
– User friendly interface including extensive statistics and reports.
• Hosted service– No installation of software / hardware required– Set up on the fly, fully functional within hours
• SecureSurf agent– Protect your users, even when they’re not connected
to the company network
DNS redirection
• SecureSurf is based on DNS redirection
• DNS server checks if requester is known.– If known requester, it will filter
• Malicious content– Domain and IP reputation– URL reputation– Zero-hour info
• Categories based on filters
SecureSurf implementation
• Network– Apply policies and filters to entire
network – Every end user is protected by the
same policy– Allows protection for multiple networks
• Agent– Apply policies and filters to individual
end users or groups– Allows for customization – Meets the needs of each department or
employee– Great for remote users (e.g., Sales)
SecureSurf Soft Components
Networks
Policy
Domain & IP Reputation
Tests
Computers
Users
URL Reputation
Zero-Hour
Categorization
Allow
Actions
Proxy
Block
Categorization engine tags requests based on
the destination.
Multiple sources of reputation data are
used.
Allow / Block Lists
Policy is applied in order by User, Computer OR
Network.
SecureSurf
Proxied blocked pages
• When page blocked due to malicious content or category filter:– End-user will be re-directed to proxied web page– Including information on why page was blocked