Every web browser action affects your business. More and more jobs require Internet access, and more opportunities exist for inappropriate use, decreased network availability, and back doors for viruses and malicious code. Traditional network security defenses are polar, they accept or block content. Granular control is a new option, providing the benefits of a new technology to remove the risks.
Firewalls provide network security and often leave Port 80 for web traffic open. What was once the “World Wide Wait” is now the “World Wide Water Cooler” with opportunities and threats woven together. User level control with granular policies for content is the new security challenge.
When users are typing away at their computers the opportunities and threats are woven together in an Internet fabric. Users sound busy, however many actions on the Internet are social time sinks, reduce network availability, open back doors and pose legal liabilities.
Software-based proxies were the starting point, however continuing innovation has left them behind for many reasons: Lack of performance, scalability, ease of management, and security Unable to handle web applications like streaming, P2P, and Instant Messaging Limited authentication support Significant management costs, deployment difficulties and patch efforts Do not scale to meet today’s enterprise traffic demands Software on top of general purpose file based OS using general purpose PC hardware is not keeping pace. Secure proxy appliances use a high-speed web-object based OS on purpose built hardware for enterprise performance, features and lower TCO.
ProxySG is our flagship product that gives organizations total visibility and control of all Web communications. 1. Custom built OS, SGOS 2. Designed for object handling, the fundamental element of all Internet content 3. Ability to apply policy in real-time due to patent pending technologies, enabling wire-speed performance 4. Optimized performance by delivering approved, scanned content from an integrated cache ISCA certification means our solution has passed security analysis, vulnerability and intrusion tests, and provides secure administrative options with read-only logs. Because it’s an appliance, it installs easily and requires little on going maintenance. MORE SCRIPT IDEAS Cue up the experience issue early Explain the product briefly Purpose built custom based object OS Wire speed performance Wire speed performance comes from years of developing our web-object based OS that leverages our policy processing and technologies unique to the proxy market…making ProxySG a price/performance leader. Transparency comes from a wide array of proxies, and reliability comes from software based bridging, pass-through network cards, and active-active high availability with 3-tier enterprise management. Unique to ProxySG, central policy management for the six communication types listed exists in ONE management interface, providing tremendous leverage to solve multiple issues with one solution. Partnering with leading Anti-Virus and Content Filtering vendors provides customers “best in class” choices with ProxySG. Many customers choose ProxySG to solve one or two issues knowing the other options are available when required…an architecture to build upon.
The ProxySG architecture consists of the following: Purpose-built custom operating system (SGOS) Secure, high-performance foundation built for web-objects with caching and enterprise reliability Secure Proxy with integration across multiple simultaneous authentication systems, and customizable logging options LDAP, RADIUS, NTLM, AD, 2-factor, etc. Transparent proxy implementation – no changes required to clients Only proxy vendor to provide encrypted credentials acquisition for users and admins Policy Process Engine (PPE) that interprets policy to know who, what and when to control Leverages cache of approved or scanned content Advises, coaches and enforces acceptable use policies Security Services for today’s content issues with the ability to expand Content Filtering on ProxySG has a lower TCO, increased performance with cached content, and granular policy controls Web Virus Scanning on ProxySG has a 10x performance improvement and lower TCO than software based solutions IM Control provides enterprise granular policy control for all leading IM vendors (AIM, MSN, Yahoo!) Peer-to-Peer file sharing blocking of traffic and client downloads Pop-Up ad blocking with the ability to accept use for enterprise applications (ex. Outlook Web Access) Technology Partners for a best in class choice of leading vendors Nine Content Filtering URL databases run “on-proxy” Virus Scanning – ProxyAV with McAfee, Kaspersky, Sophos or Panda AV engines Integrated purpose built hardware appliances Performance, Scalability, Ease of management Enterprise Policy Management Policy administration (GUI or CLI), multiple appliance management Director, enterprise Reporter
This is a summary of proxy services for ProxySG, review our SOLUTIONS presentation for more details.
Visual Policy Manager One interface for all policy controls Device configuration and management Policy development and management GUI or CLI Director Configuration and policy across network of Blue Coat appliances (up to 500) Ability to roll-out, backup and restore previous policies Reporter Reports can be viewed via a browser with options for authentication (LDAP, username/password) and role-based viewing allowing users to view specific reports. Custom reports can be created along with pre-defined reports such as: User Reports – track web user usage patterns regardless of location or application, Show access summaries, blocked sites, accessed by category and more. Network Traffic Reports – measure web traffic performance trends, errors, bandwidth, impact, streaming traffic levels and more. Security Reports – evaluate security risks and track user activity that is potentially dangerous. Quickly determine which users have accessed malicious content and report on activity into and out of firewalls. Instant Messaging Reports – evaluate security risks and track user activity within all major Instant Messaging protocols that may violate company policy or industry regulations. Top Ten Summaries – list top 10 sites accessed, users, categories, content types, and more.
Blue Coat provides you a range of proxy appliances to support smaller branch offices on up to the largest enterprise implementations. Each is based on our custom operating system, SGOS, meaning the same comprehensive set of functionality for controlling Web communications is provided in each platform. And, each enables the granular policy enforcement demonstrated today along with wire speed performance with very little maintenance and virtually no patching. Name drop: The entire country of Saudi Arabia is granted Internet access through our proxy appliances. [NOTE: Use Other customers that you are familiar with eg, CompUSA, US Air Force, etc]
Annual report from IDC, Blue Coat has 30% market share…and is the faster growing vendor. Growth curve supports transfer for software based solutions moving to appliances with lower TCO and integrated features. Content continues a high growth curve on the Internet as Spyware, Instant Messaging and P2P file sharing set new records for use & abuse.
Blue Coat is an enterprise grade solution with a background in large scale ISP data centers. Some of the largest and most successful enterprises deploy Blue Coat to control Internet communications. Case studies and customer press releases are located on the Blue Coat website – www.bluecoat.com – for more details.
At Blue Coat, we focus on the security threat from within: your employees. Your users. Some of which are like Bob Kent who works for “Edge Corporation” They are actually considered good employees, but some times do bad things – intentionally or unintentionally - on the Internet. At Edge Corporation, where bob works, the IT manager recently installed a Blue Coat ProxySG. (The #1 proxy appliance and the proxy product of choice according to Gartner). Lets now join Bob, a typical employee not too unlike you and me, and see how his Internet experience has changed…
Blue Coat is #1 for many reasons… Increased Internet content and application growth requires granular control beyond blocking Inline performance, transparency and low TCO are market requirements Granular policy control for web communications via the “best in class” secure proxy available today Enterprise reputation with solid customer successes around the globe
This is the Blue Coat Systems OVERVIEW presentation as of July 2005.
Bluecoat Presentation – Turn on the sound on your Computer
Visibility. Then Control. Keep good employees from doing bad things on the Internet
Everything Web <ul><ul><li>Web Browser Has Become the Universal Interface </li></ul></ul><ul><ul><li>Answer is to control, not just block </li></ul></ul>P2P file sharing Audio/Video Streaming Spyware Web email Instant Messaging P2P file sharing Web surfing Instant Messenger P2P file sharing But Brings Business Risks! <ul><ul><li>Network Abuse </li></ul></ul><ul><ul><li>Back Door Viruses </li></ul></ul><ul><ul><li>Inappropriate Use </li></ul></ul>
Firewalls Keep the Bad Guys Out Public Web Servers Intranet Web Servers Public Internet Firewalls block at the perimeter . . . Firewall Users Internal Network But they are not designed to control at user level Hackers
Proxy Keep the Good Guys Good Public Web Servers Intranet Web Servers Internal Network Users Firewall Proxy Public Internet <ul><ul><li>Total Visibility and Control of All Web Communications </li></ul></ul>Restrict or control access to unproductive web sites Stop viruses from webmail (Yahoo, Hotmail, etc) and IM Keep intellectual property from getting out over IM “ Splash page” for acceptable Internet use policy Stop web content such as .vbs, .exe Stop viruses from webmail (Yahoo, Hotmail, etc) and IM Keep intellectual property from getting out over IM Log and archive IM traffic by individual text messages Prevent downloading of copyrighted MP3 files Control pop-ups, ads, and spyware Users Restrict or control access to unproductive web sites “ Splash page” for acceptable Internet use policy Stop web content such as .vbs, .exe Log and archive IM traffic by individual text messages Prevent downloading of copyrighted MP3 files Control pop-ups, ads, and spyware
Proxy Appliance for Performance & Security Proxy Appliance <ul><li>Wire-Speed Performance </li></ul><ul><li>Scalable </li></ul><ul><li>Secure </li></ul><ul><li>Easy to Manage </li></ul><ul><li>Latest Web Functionality </li></ul>Software Proxy Server <ul><li>Low Performance </li></ul><ul><li>Poor Scalability </li></ul><ul><li>Security Holes </li></ul><ul><li>Hard to Manage </li></ul><ul><li>Lacking Functionality </li></ul>
Introducing Blue Coat Proxy SG Purpose-built proxy appliance providing granular control with wire-speed performance Advise. Coach. Enforce.
Proxy SG Visibility. Control. Performance. Technology Partners On-Proxy URL Filtering Web Anti-Virus Anti- Spyware Services IM, Streaming & P2P Control Reverse Proxy Proxy AV Enterprise Policy Management SGOS ™ Object-based OS with Caching Authentication, Authorization, Logging Proxy Custom OS Policy Processing Engine Policy ISS
Enterprise Policy Management Distribute Policy Monitor & Report Set & Enforce Policy Reporter Visual Policy Manager Director Corporate Web Policy
Complete Range of Proxy Appliances Proxy SG 400 Series Proxy SG 800 Series Proxy SG 8000 Series Performance Remote Offices Up to 250 users 100-2000 users 1000 - 50,000+ users WAN Throughput Connected Users Up to 15Mbps 15Mbps-80Mbps 80Mbps -300+ Mbps Corporate Headquarters Proxy SG 200 Series
Leader in a Growing Market Segment Blue Coat #1 Leader with 30% Market Share Source: IDC - Worldwide Secure Content and Application Delivery 2005-2009 Forecast and Analysis Worldwide Secure Content Management Appliance Revenue, 2001-2007 ($M) ($M) 2001 2002 2003 2004 2005 2006 2007 200 0 400 600 800 1,000 1,200 1,400 1,600 1,800 Blue Coat as the fastest growing vendor in the Secure Content and Application Delivery market among Cisco, Network Appliance and Microsoft. Blue Coat achieved 77% year-over-year growth and 30% share of the market.
World’s Major Institutions Trust Blue Coat Energy, Oil & Gas Government Financial Mfg/Industrial Consumer & Retail Health & Pharmaceuticals
META Group: Proxy Appliances Needed <ul><li>“ Establishing a security solution to address the appropriateness of content and its usage has quickly become a legitimate business issue, due in part to productivity, liability, and privacy concerns. </li></ul><ul><li>A separate solution focused on user and content control, ideally based on an appliance platform and a proxy architecture , will be warranted for most organizations.” </li></ul><ul><li>Mark Bouchard </li></ul><ul><li>Senior Program Director </li></ul><ul><li>META Group </li></ul><ul><li>The META Group white paper “The Growing Security Threat: Your Employees” can be obtained by visiting http://www.bluecoat.com/downloads/whitepapers/security_threat.html . </li></ul>
Introducing Bob Kent <ul><li>Bob Kent works for Edge Corporation. </li></ul><ul><li>Bob is a “good” employee, but unfortunately likes to do “bad” things on the Internet. </li></ul><ul><li>Let’s see what happens now that Edge Corp has installed Blue Coat proxy appliances … </li></ul>Visit www.bobkent.net CARTOON from the left coast FUN look at web browsing (for mature audiences only) “ Free network, free music, Oh yah!” -Bob Kent Visit www.bobkent.info Flash Movies & Demos Spyware Prevention, WebAV, Reverse Proxy, Original Bob Kent
In Control with Blue Coat <ul><li>Keep “good” employees from doing “bad” things on the Internet </li></ul><ul><ul><li>Everything web leads to increased risks </li></ul></ul><ul><li>Blue Coat is #1 proxy appliance leader (IDC) </li></ul><ul><ul><li>Custom, object based OS with caching enables wire-speed performance </li></ul></ul><ul><ul><li>Advise, coach and enforce with flexible policy controls down to the user level </li></ul></ul><ul><ul><li>Shipped more than 20,000 proxy appliances worldwide </li></ul></ul><ul><li>Do you know what your employees are doing on the Internet? </li></ul><ul><ul><li>Find out with a “Web Traffic Assessment” </li></ul></ul><ul><ul><li>Plus learn about Spyware prevention </li></ul></ul>
A particular slide catching your eye?
Clipping is a handy way to collect important slides you want to go back to later.