ISB13 Web security deployment options - which is really ...vox. B13.pdfWeb security deployment options - which is really best for you? ... Symantec Web Gateway .cloud web security ... Symantec Web Gateway Web Security .cloud

  • Published on
    11-Mar-2018

  • View
    214

  • Download
    2

Transcript

  • 1

    ISB13 Web security deployment options - which is really best for you?

    Duncan Mills, Piero DePaoli, Stuart Jones

    Web Security Deployment Options

  • SYMANTEC VISION 2012 Web Security Deployment Options 2

    The threat landscape 1

    Why Symantec web security 2

    Generic differences to consider when choosing a platform 3

    Why there are functionality differences across platforms 4

    Driving priorities to obtain feature parity where possible 5

  • SYMANTEC VISION 2012

    Threat landscape continues to worsen

    Web Security Deployment Options 3

    Malware Attacks Rising

    Targeted Attacks Expand

    Mobile Threats

    Expose All

    Data Breaches

    Rising

  • SYMANTEC VISION 2012

    Web malware continues to rise

    Attack tool kits continue to flourish

    Increase efficacy of known vulnerabilities

    Web Security Deployment Options 4

  • SYMANTEC VISION 2012

    Which website is more dangerous?

    Web Security Deployment Options 5

  • SYMANTEC VISION 2012

    Most harmful websites by categories

    Web Security Deployment Options 6

    Sites with poor security become easy targets for malware authors

    Some businesses understand customers will not visit sites that infect them

  • SYMANTEC VISION 2012

    Social engineering is effective in social media

    Web Security Deployment Options 7

    Users willing to help infect themselves

  • SYMANTEC VISION 2012

    Symantec is #1 Leader in Security Software

    Based on 2011 Gartner Estimate of Worldwide, Revenue Market Share

    Market Share Analysis: : Security Software, Worldwide, 2011, April 12, 2012, Ruggero Contu, Matthew Cheung, Gartner

    Web Security Deployment Options 8

  • SYMANTEC VISION 2012

    Symantec Global Intelligence Network Turning intelligence into protection

    Global Intelligence

    Network

    Strongest Web Protection

    4

    Insight protects against new, mutated, & targeted malware

    Insight is powered by 210M users, 3.1B files

    Botnet and infected client protection

    Block connections to Malicious IPs & URLs

    Advanced Malware Detection

    2

    Malware intelligence from > 130M systems

    Heuristics examine file attributes and vulnerability exploit attempts

    Blocks new and unknown threats

    Power of the Cloud

    1

    Real-time analysis of spam and malware traffic in the cloud with Skeptic

    Drives enhanced heuristic and signatures

    Drives global intelligence across products

    > 99.85% effectiveness

    < 1 in a million false positives

    400 million IPs - known spam and safe senders

    Stop marketing email

    Machine learning & URL intelligence prevent phishing

    Strongest Email Security

    3

    9 9 Web Security Deployment Options

  • SYMANTEC VISION 2012

    Symantec Global Intelligence Network Turning intelligence into protection

    Web Security Deployment Options 10

    Source: IDC, Worldwide and U.S. Security Service Threat Intelligence 2011-2014 Forecast: Out of the Basement and into the Clouds.

  • SYMANTEC VISION 2012

    Many of the differences between cloud-based and on-premises web security platforms are generic and not vendor specific

    Web Security Deployment Options 11

  • SYMANTEC VISION 2012

    Map your business requirements to your web security deployment platform

    Web Security Deployment Options 12

    Areas of consideration when choosing a web security deployment platform

    Flexibility and total cost of ownership

    Current and future IT

    environment

    Security and regulatory

    requirements

    Key functionality

  • SYMANTEC VISION 2012

    Map your business requirements to your web security deployment platform

    Flexibility and total cost of ownership

    Web Security Deployment Options 13

    Organisation Requirement Hardware appliance

    Virtual appliance

    Cloud SaaS

    Capital or operational expenditure Capex Both Opex

    Predictable per-user costs

    Easily scales to accommodate additional load

    Fast implementation

    Easy to maintain

    Free up staff to focus on core business activities

    Minimal additional cost of HA and DR

  • SYMANTEC VISION 2012

    Map your business requirements to your web security deployment platform

    IT environment

    Web Security Deployment Options 14

    Organisation Requirement Hardware appliance

    Virtual appliance

    Cloud SaaS

    Reduce organisations data centre costs

    Distributed network with lots of branch offices

    Protect and enforce web AUP on roaming users

    Increase ROI of existing virtual infrastructure N/A N/A

  • SYMANTEC VISION 2012

    Map your business requirements to your web security deployment platform

    Security and regulatory

    Web Security Deployment Options 15

    Organisation Requirement Hardware appliance

    Virtual appliance

    Cloud SaaS

    Quickly address all privacy concerns

    All data must be stored in a specified country

    Guarantee the security posture of the platform

    Enforce DLP policy before data leaves the network

    Service level agreements N/A N/A

    Provider has local legal jurisdiction N/A N/A

  • SYMANTEC VISION 2012

    Products evolve to meet customer requirements

    Web Security Deployment Options 16

  • SYMANTEC VISION 2012

    Messaging Gateway Hardware or virtual

    Broad messaging & web portfolio

    Internet

    SMTP, HTTP

    Mail Security for Groupware

    PGP Universal Gateway Email

    17 Web Security Deployment Options

    Content Encryption

    Email AntiSpam .cloud Email AntiVirus .cloud Email Image Control .cloud Email Content Control .cloud Email Boundary Encryption .cloud Policy Based Encryption .cloud Web Security .cloud Instant Messaging Security .cloud

    SMTP

    Web Gateway Hardware or virtual

    HTTP / HTTPS and all other ports and protocols

    Data Loss Prevention

  • SYMANTEC VISION 2012

    Map your business requirements to your web security deployment platform

    Functionality

    Web Security Deployment Options 18

    Symantec Web Gateway .cloud web security

    Application control Common management platform for email and web

    Flexible deployment options Client to support roaming users

    Monitors the network for infections

    Scan and enforce policy on HTTPS

    Data loss prevention

  • SYMANTEC VISION 2012

    Client Web

    Symantec Web Gateway Appliance or VM

    Botnet Detection

    Infected Client Detection

    Application Control

    Malware Content Scanning

    URL Content Filtering

    Domain and IP Reputation

    Insight File Reputation

    Symantec DLP Network Prevent for Web

    Web Gateway is more than URL filtering

    19

    HTTP

    HTTPS

    Web Security Deployment Options

  • SYMANTEC VISION 2012

    Web Gateway can be deployed standalone or to complement existing URL filters

    20 Web Security Deployment Options

    Inline

    (Monitoring or Blocking)

    Port Span/Tap

    (Monitoring or Blocking)

  • SYMANTEC VISION 2012

    Cloud-based web security presents some unique challenges that Symantec manages for our customers

    A summer of sports in the UK does it matter to me?

    Web Security Deployment Options 21

    2012 Olympics

    2012 Paralympics

    The Open 2012

    Wimbledon

  • SYMANTEC VISION 2012

    Summer of sports managing demand for online coverage

    Web Security Deployment Options 22

    Olympics

    27 Jul 12 Aug

    Wimbledon

    25 Jun 8 Jul

    Euro 2012

    8 Jun 1 Jul

    Actions taken:

    Architecture hardened

    Additional capacity now on-line

    E-Level discussions with peering and technology partners

    Cross functional team in place to manage potential incidents

    every sport from every location... BBC Olympic Vision

    Predicted 2,500 hrs of online viewing

    1,000 hrs of online exclusive footage (footage that will not be broadcast anywhere but online)

    UK Government advising of possible internet caps & general disruption

  • SYMANTEC VISION 2012

    Development themes drive feature parity between .cloud and on-premises products

    Web Security Deployment Options 23

    Attack toolkits continue to exploit existing vulnerabilities

    Web is a major attack vector 4595 blocked per day in 2011

    Compromised PCs 3m bot zombies monitored in 2011 Protection

    Web is a major vector for data loss

    Only 10% of organizations address outbound threats from well-meaning or malicious insiders

    Control

    Visibility and control of the operating environment, configuration and reporting

    Compatibility with hardware/software components, network protocols, external product integrations, etc

    Management & Platform

  • SYMANTEC VISION 2012

    Recent enhancements were driven by customer requirements and feature parity

    Web Security Deployment Options 24

  • SYMANTEC VISION 2012

    Recent enhancements address customer requirements and drive feature parity

    Web Security Deployment Options 25

    Protection Symantec Web Gateway Web Security .cloud

    Insight file reputation Future

    SSL decryption Future

  • SYMANTEC VISION 2012

    Symantec Insight

    Leverages anonymous telemetry data from 210M+ machines to construct a massive nexus of files, machines and domains

    Tracks nearly every binary in the world

    3.1 billion files, adding 37 million every week

    Uses age, prevalence, source and other attributes to assign a reputation rating to files

    Can accurately identify and block threats even if just a single Symantec user encounters them

    26

    Proactive Protection from New, Targeted Threats

    Bad Safety Rating

    File is blocked

    Good Safety Rating

    File is whitelisted

    No Safety Rating Yet Can be blocked

    Web Security Deployment Options

  • SYMANTEC VISION 2012

    Recent enhancements address customer requirements and drive feature parity

    Web Security Deployment Options 27

    Control Symantec Web Gateway Web Security .cloud

    Enterprise DLP integration Future native DLP

    Rulespace web categorisation Available already

    Added uncategorised site feedback

    Application control enhancements N/A

  • SYMANTEC VISION 2012

    Web Gateway and data loss prevention

    Challenge:

    Customers want to enforce DLP policies over Web traffic

    Web traffic can be SSL encrypted

    Customers want a robust solution from a single vendor

    Solution:

    Connect SWG + DLP Network Prevent for

    Web

    Utilize SWG to decrypt SSL traffic and

    pass content to DLP

    SWG blocks/modifies content based upon

    DLP policies

    28 Web Security Deployment Options

  • SYMANTEC VISION 2012

    Application control and file leakage

    Inspects all internet bound traffic for popular web applications

    Signature Based

    Not reliant on ports

    Supports over 100 Applications and Protocols

    IM, P2P, DB Apps, Remote Access, VoIP, etc

    File transfer protocols, email protocols, network protocols, etc.

    Monitor / Control Application Usage

    Focus on Public IM Safety

    Antivirus scan on files transferred

    Can Allow Chat / Prevent Downloads

    File Leakage

    Control File Uploads/Downloads

    Monitor File Names

    29 Web Security Deployment Options

  • SYMANTEC VISION 2012

    Recent enhancements address customer requirements and drive feature parity

    Web Security Deployment Options 30

    Management and platform

    Symantec Web Gateway Web Security .cloud

    Virtual appliance deployment N/A

    Proxy deployment and caching N/A

    N/A Regional geo location for Smartconnect

    N/A Efficiency improvements to Client Site Proxy

  • SYMANTEC VISION 2012

    Web Gateway virtual edition for easy deployment

    Easy to trial

    Costs less

    no additional hardware required

    Personalised deployment

    mix of virtual and physical to suit your IT infrastructure

    Quickly respond to increase in Web traffic

    dynamic capacity allocation

    Web Security Deployment Options 31

    0%

    10%

    20%

    30%

    40%

    50%

    60%

    70%

    80%

    90%

    100%

    Physical

    Virtual

    Deployment Types (Feb 2012)

  • SYMANTEC VISION 2012

    Future priorities driven by customer requirements and feature parity

    Disclaimer

    Any forward-looking indication of plans for products is preliminary and all future release dates are tentative and are subject to change. Any future release of the product or planned modifications to product capability, functionality, or feature are subject to ongoing evaluation by Symantec, and may or may not be implemented and should not be considered firm commitments by Symantec and should not be relied upon in making purchasing decisions.

    32 Web Security Deployment Options

  • SYMANTEC VISION 2012

    Development themes drive feature parity between .cloud and on-premises products

    Web Security Deployment Options 33

    Protection

    Control

    Management & Platform

    Symantec Web Gateway Web Security .cloud

    Available already HTTPS decryption

    Available already Data loss prevention

    N/A Additional capacity

  • SYMANTEC VISION 2012

    Web Security.cloud data loss prevention

    New DLP Add-on

    Pre-canned policies, leveraging Symantec DLP definitions

    Key resources shared between web and email offerings

    Create policies in test-mode prior to going live - TBC

    Reporting on matched content with surrounding content

    Enhanced granular policy configuration

    Web Security Deployment Options

    34

  • SYMANTEC VISION 2012

    Things to consider when choosing the right deployment platform for web security

    Web Security Deployment Options 35

    TCO

    Flexibility

    Opex or capex and budget constraints

    Resources to maintain and manage on-premises products

    Amount of change is happening within your organisation

    Environment

    Investment in virtualisation

    Numbers of Internet connections and branch offices

    Roaming users support

    Security

    Regulatory

    Regulatory compliance

    Importance of SLAs

    Functionality

    Choice of form factor map to your requirements

    Assess individual products to determine which meets your needs

  • SYMANTEC VISION 2012

    Other sessions of interest

    36

    ISB09 (114, tomorrow 9:00)

    SONAR, Insight, Skeptic and GIN - The Symantec secret sauce

    ISB14 (This room, next session)

    Are You Getting the Most From Symantec Protection Suite?

    ISB11 (114, tomorrow 11:45)

    Demo: integrating Symantec products to get the ultimate protection

    ISB07 (114, tomorrow 13:45)

    The roadmap for Symantec infrastructure protection products

    Web Security Deployment Options

  • Thank you!

    Copyright 2011 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice.

    Web Security Deployment Options 37

Recommended

View more >