M86 Security apresenta Secure Web Gateway

1,026 views
934 views

Published on

Apresentação da M86 Security, realizada durante o Ciab 2011 com foco n0o produto Secure Web Gateway

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
1,026
On SlideShare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
12
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide
  • Malware landscape continues shift to Web-based attacks.Web security now an organizational imperative.Finjan is a recognized leader in SWG and malware defense.The Finjan technology, combined with M86 Email and Web security products, presents a effective solution for both known and unknown threats
  • Malware landscape continues shift to Web-based attacks.Web security now an organizational imperative.Finjan is a recognized leader in SWG and malware defense.The Finjan technology, combined with M86 Email and Web security products, presents a effective solution for both known and unknown threats.
  • Recent data from M86 Security Labs shows the importanceWe usually talk about using the three-legged stool for complete protection: URL filtering Anti-virus (AV)Real-time code analysisWe know that URL filtering and AV signatures have become less effective: it’s all over the newsBut few people really test on live malware. Why? Because it’s their own product.We ran a test on 30,000 live malware URLs in February 2010 and we were astonished by the results Leg 1: we passed 15,000 samples through URL filter: only 3.8% effective; just as bad, about 40% of the sites were shown as good and 60% as unclassified Leg 2: we passed 15,000 samples through three AV applications: the three combined only caught 39% of the malware Leg 3: our real-time code analysis caught 100%What’s the difference? There are two main reasons:These are mostly on legitimate Web sites now, so URL filtering doesn’t helpDynamic code is being used to get around signature-based AV.We have a report up on our Web site
  • Total cost of ownership is reduced by powerful central management with global reach that includes intuitive task-based policy management and drill-down reporting. Integration with existing IT infrastructure is easy for all implementation options.
  • A robust multi-server array with a low total cost of ownership. The flexible and intuitive policy enforcement provides customizable protection from Web threats while allowing detailed control of user Web browsing behaviors.
  • M86 MailMarshal SMTPEmail Gateway Security Provides:Blended threats protection Data leakage prevention/deep content scanning using lexical analysisBest rated anti-spam solution using M86 Defense-in-Depth anti-spam engineTLS email encryptionM86 Secure Messaging Service Cloud-based Email SecurityM86 MailMarshal ExchangeInternal email security for Microsoft ExchangeFilters and Manages Internal, Inbox-to-Inbox EmailM86 MailMarshal Secure Email ServerEmail Gateway Encryption Provides: Encryption Digital signatureOperates With Any Email Gateway that Recognizes S/MIME-encrypted Email
  • Complete control over inbound and outbound email in any environment, resulting in reduced exposure to risk and full email content management. An easy-to-use console, flexible policy framework and reporting tools ensure a high return on investment.
  • Centralized control of encrypted communication between your company and your business partners. Consistent application of policies ensure that sensitive emails never insecurely leave your organization. Automatic harvesting and synchronization of certificates make the product extremely easy to use and maintain.
  • Leader in real-time threat protectionIDC noted we are largest provider of web security appliancesOnly company that’s visionary in SWG and EmailComplete suite of products: Appliance, Cloud, and Software
  • M86 Security apresenta Secure Web Gateway

    1. 1. Internet Security: Malware Update<br />Jose Bodni<br />Director, Latin America & Caribbean<br />Jose.Bodni@M86Security.com<br />
    2. 2. Change in Malware-hosted Sites<br />Blended Threats 1.0<br />Blended Threats 2.0<br />Legitimate Sites<br />Hacker-established Sites<br />Legitimate Sites<br />Hacker-Established Sites<br /><ul><li> Up for Days
    3. 3. Simpler Detection Through:
    4. 4. Domain Restriction
    5. 5. Reputation
    6. 6. Some Change in Viruses
    7. 7. Up for Days
    8. 8. Legitimate Site Passes by Most Web Filters
    9. 9. Polymorphic Viruses Change Many Times Per Day
    10. 10. “New” Malware Never Used Again*</li></ul>*Source: Virus Arms Race, The Register, August 2009<br />
    11. 11. Anatomy of a Blended Threat Attack<br />2) Attacker sends emails with embedded links to malicious Web sites.<br />1) Attacker hacks legitimate Web sites and injects malware.<br />5) Traditional Web filters are bypassed as user is directed to legitimate Web site.<br />3) Email bypasses traditional spam and anti-virus systems.<br />6) User’s computer gets infected with drive-by download and becomes a bot.<br />4) User receives email and clicks on link to malware-infected site.<br />
    12. 12. Customer Challenge for 2011: Web-based Threats<br />Web-based Threats<br />Web malware from legitimate sites*<br />92%<br />1000%<br />84%<br />Increase in Web <br />malware over 2010<br />Of new threats come from the Web<br />*Source: Websense<br />
    13. 13. Customer Challenge for 2011: Web-based Threats<br />Web 2.0 Landscape<br />40-50%<br />Current AV catch rates*<br />Collaboration<br />Tools<br />Social<br />Networking<br />Enterprise<br />SaaS<br />WEB 2.0<br />Social<br />Media<br />Media<br />Sharing<br />Client<br />Applications<br />Interactive<br />Sharing<br />Mass<br />Comms<br />52%<br />10 billion<br />Malware dead within 24 hours**<br />World-wide blended threat emails per day<br />*Source: M86 SecurityLabs<br />**Source: Panda Labs<br />
    14. 14. Why Real-time Detection is so Important<br />M86 Security Labs Report<br />Test: >30,000 live malware URLs<br />Traditional Security:<br />Stool Strategy<br />URL Filtering<br />3.8%<br />effective<br />Three Major AV Vendors Combined<br />39%<br />effective<br />Real-time Code Analysis<br />Six-in-10 threats require real-time code analysis to be blocked<br />Leg 3<br />Leg 2<br />Leg 1<br />Anti-virus<br />Signatures<br />100%<br />effective<br />Real-time Detection<br />(Code Analysis)<br />URL Filtering<br />
    15. 15. M86 SWG: Multi-tiered Threat Protection<br />MALWARE DETECTED<br />Where it comes from?Previously discovered malware<br />websites<br />URL FILTERING<br />3.8% Effective<br />39% Effective*<br />SIGNATURE-BASED<br />ANTI-VIRUS<br />What it looks like?Identified malware signatures<br />What is its intentions?<br />Dynamically analyzes unknown codes for malware-related behaviors<br />100% Effective<br />in detecting known threats and unknown obfuscated malware codes<br />REAL-TIME CODE<br />ANALYSIS<br />Source: M86 Security Labs Report (test based on >30,000 live malware URLs<br />*Three major AV vendors combined<br />
    16. 16. M86 SWG: Multi-tiered Threat Protection<br />What is its intentions?<br />What it looks like?<br />Dynamically analyzes unknown codes for malware-related behaviors<br />Where is it?<br />Identified malware signatures<br />Previously discovered malware websites<br />Block /Allow /Repair<br />Block / Allow<br />Block / Allow<br />Suspect webpage<br />Repaired/Re-constructed web page<br />
    17. 17. M86 Product Overview<br />
    18. 18. Appliances<br />Compliance<br />Strong FoundationCurrent M86 Security Products<br />Products<br />Deployment Options<br />Web Security<br />Messaging Security<br />Reporting<br />Compliance<br />Anti-virus<br />Malware Detection<br />Application Control<br />Anti-virus<br />Malware Detection<br />Outbound Security<br />Encryption<br />Data Loss Prevention<br />Archiving<br />Granular Reporting<br />Real-time Monitoring<br />Software<br />Cloud Service (SaaS)<br />
    19. 19. M86 Secure Web Gateway<br />Unified Web Security <br />Award-winning, best-in-breed, multi-layered, on-site and cloud-based Web security. Patented, active real-time code analysis of inbound and outbound communication, keeping malware out of networks and laptops, while retaining sensitive/confidential data.<br />
    20. 20. M86 Secure Web Gateway<br />Unified Web Security <br />Key Features:<br /><ul><li>Web Security
    21. 21. Real-time Code Analysis
    22. 22. Anti-virus
    23. 23. Anti-spyware
    24. 24. SSL Inspection
    25. 25. Dynamic Web Repair
    26. 26. Data Leakage Prevention
    27. 27. Productivity & Web 2.0 Control
    28. 28. URL Filtering
    29. 29. Application Control
    30. 30. Content Acceleration
    31. 31. Web Caching</li></ul>Total cost of ownership is reduced by powerful central management with global reach that includes intuitive task-based policy management and drill-down reporting. Integration with existing IT infrastructure is easy for all implementation options.<br />
    32. 32. M86 Secure Web Service Hybrid<br />Unified Web Security for the Borderless Organization <br />Hybrid Option for Secure Web Gateway Delivering Mobile/Remote Office Support, Integrated Administration, and On-site Logging/Reporting.<br />Business Benefits:<br /><ul><li>Protect Corporate Data </li></ul> and Systems<br /><ul><li>Reduce IT Web Security Costs with Unified Web Security System
    33. 33. Maximum Scalability and Availability with Cloud-based Amazon EC2 Platform</li></li></ul><li>M86 Secure Web Service Hybrid<br />Unified Web Security for the Borderless Organization <br />Key Features:<br /><ul><li>Real-time Code Analysis for Mobile and Remote Users
    34. 34. Unified Administration, Logging, </li></ul> and Reporting<br /><ul><li>Automated Agent and Certificate Install for Mobile Users’ Certificate Management
    35. 35. Manage Cloud Scanners from Corporation Net Policy Server
    36. 36. No Hardware in Branch Offices</li></ul>Mobile users are protected no matter where they are<br />Branch <br />Offices<br />Main<br />Data Center<br />No hardware in branch offices<br />
    37. 37. M86 WebMarshal<br />Software Secure Web Gateway<br />Software-based Secure Web Gateway solution deployed between an organization and the Internet which provides easy-to-use, scalable and cost- effective real-time content inspection of all incoming and outgoing Web traffic.<br />
    38. 38. M86 WebMarshal<br />Software Secure Web Gateway<br />Key Features:<br /><ul><li>Dynamic URL Filtering
    39. 39. Real-time Lexical Analysis
    40. 40. Anti-virus and Anti-spyware
    41. 41. Blocks malicious Web sites, Spam, Phishing, Blended Threats, and </li></ul> Anonymous Proxies<br /><ul><li>Prevents Data Leakage
    42. 42. Controls Access and Acceptable Use Policy
    43. 43. Controls Streaming Media & IM
    44. 44. Web Proxy Caching & Scheduled Quotas
    45. 45. HTTPS Inspection
    46. 46. Exceeds Compliance Needs</li></ul>A robust multi-server array with a low total cost of ownership. The flexible and intuitive policy enforcement provides customizable protection from Web threats while allowing detailed control of user Web browsing behaviors.<br />
    47. 47. M86 Email Security and Management<br />M86 MailMarshal Exchange<br />Internal email security for Microsoft Exchange<br />M86 MailMarshal Secure Email Server<br />Email Gateway Encryption<br />M86 MailMarshalSendSecure<br />Business-to-consumer Email Encryption<br />M86 Secure Messaging Service <br />Cloud-based Email Security<br />M86 MailMarshal SMTPEmail Gateway Security<br />M86 MailMarshal Service Provider Edition<br />Managed Email Security Service<br />
    48. 48. M86 MailMarshal SMTP<br />Email Gateway Security and Control <br />A versatile, powerful and scalable email security system that is compatible with any network environment. Integrating email threat protection, anti-spam, content analysis, compliance enforcement, DLP and reporting into a single, flexible, easy-to-manage solution. <br />
    49. 49. M86 MailMarshal SMTP<br />Email Gateway Security and Control <br />Key Features:<br /><ul><li>Email Security
    50. 50. Anti-spam
    51. 51. Anti-virus
    52. 52. Anti-spyware
    53. 53. Anti-phishing
    54. 54. Data Leakage Prevention
    55. 55. Secure information
    56. 56. Content Control
    57. 57. Offensive language
    58. 58. Pornographic images
    59. 59. Protect bandwidth
    60. 60. Compliance
    61. 61. Industry standards
    62. 62. Regulatory requirements
    63. 63. Encryption</li></ul>Complete control over inbound and outbound email in any environment, resulting in reduced exposure to risk and full email content management. An easy-to-use console, flexible policy framework and reporting tools ensure a high return on investment.<br />
    64. 64. M86 MailMarshal Secure Email Server<br />Email Encryption Gateway<br />Policy-based secure email solution that provides encryption, digital signing and deep content inspection of inbound and outbound email messages. <br />
    65. 65. M86 MailMarshal Secure Email Server<br />Email Encryption Gateway<br />Key Features:<br /><ul><li>Policy-based Email Cryptography
    66. 66. S/MIME Email Encryption </li></ul>& Decryption<br /><ul><li>S/MIME Digital Signing </li></ul>& Verification<br /><ul><li>Acts as a Certificate Authority
    67. 67. Automatic Certificate Harvesting
    68. 68. Standalone Installation Operates With Any Email Gateway
    69. 69. Certificate Synchronization via LDAP</li></ul>Centralized control of encrypted communication between your company and your business partners. Consistent application of policies ensure that sensitive emails never insecurely leave your organization. Automatic harvesting and synchronization of certificates make the product extremely easy to use and maintain.<br />
    70. 70. M86 MailMarshal Exchange<br />Internal Email Filtering<br />Manages, monitors and controls office email content that travels within a company to ensure a safe, productive working environment and compliance with Acceptable Use Policies.<br />
    71. 71. M86 Security Overview<br />Jose Bodni<br />Director, Latin America & Caribbean<br />
    72. 72. M86 Overview: Who We Are <br /><ul><li>Leader in real-time threat protection and the leading Secure Web Gateway provider
    73. 73. Over 24,000 global customers with more than 17 million users
    74. 74. Products:
    75. 75. Award-winning M86 Secure Web Gateway
    76. 76. M86 Secure Web Service Hybrid, the industry’sfirst hybrid Web security service
    77. 77. M86 Web Filter and Reporting Suite
    78. 78. M86 MailMarshal for SMTP, Exchange and Secure Messaging Service
    79. 79. M86 Security Reporter
    80. 80. More than 400 employees worldwide</li></ul>Real-time Security for the Borderless Network<br />
    81. 81. M86: Recent Milestones<br />Only company with real-time malware detection for both Web and email<br />World’s largest provider of Web Security Appliances*<br />Gartner Visionary in both Web and email Security Magic Quadrants<br />First to market with solution for blended threat attacks<br />First to market with hybrid Web Security Service<br />*IDC Aug 209<br />
    82. 82. Worldwide Customers<br />Professional Services<br />Government<br />Education<br />Healthcare<br />Manufacturing<br />Banking/Insurance<br />Other<br />
    83. 83. Awards and Product Reviews<br />Secure Web Gateway Visionary-<br />M86 Secure Web Gateway<br />Email Visionary- <br />M86 MailMarshal SMTP<br />Technology Audit: SWG<br />Everything Channel Five-Star Rating for Channel Partner Program<br />Gold Winner<br />MailMarshal SMTP<br />10 Most Interesting Product at RSA<br />Vital Web Security Suite<br />Secure Web Gateway Product Innovations Web Security Winner<br />SWG Editor’s Choice<br />Vital Security =Vital Protection<br />Excellence in Web Security Anti-Malware<br />Gateways<br />Vital Web Security Suite<br />
    84. 84. Questions?<br />

    ×