Your SlideShare is downloading. ×
© 2008 The Tolly Group




Document # 208326
The Web Security Challenge:
A Competitive Guide to Selecting
Secure Web Gatew...
WHITE PAPER: The Web Security Challenge: A Competitive Guide to Selecting Web Security Gateways




                      ...
WHITE PAPER: The Web Security Challenge: A Competitive Guide to Selecting Web Security Gateways




                      ...
T
T           H
            H           E
                        E
                                    WHITE PAPER: The W...
T
T           H
            H           E
                        E
                                   WHITE PAPER: The We...
T
T           H
            H           E
                        E
                                     WHITE PAPER: The ...
T
T           H
            H           E
                        E
                                   WHITE PAPER: The We...
T
T           H
            H           E
                        E
                                                      ...
T
T           H
            H           E
                        E
                                   WHITE PAPER: The We...
T
T           H
            H           E
                        E
                                   WHITE PAPER: The We...
T
T           H
            H           E
                        E
                                   WHITE PAPER: The We...
T
T           H
            H           E
                        E
                                  WHITE PAPER: The Web...
T
T           H
            H           E
                        E
                                   WHITE PAPER: The We...
T
T           H
            H           E
                        E
                                  WHITE PAPER: The Web...
T
T           H
            H           E
                        E
                                   WHITE PAPER: The We...
T
T           H
            H           E
                        E
                                   WHITE PAPER: The We...
T
T           H
            H           E
                        E
                                   WHITE PAPER: The We...
T
T           H
            H           E
                        E
                                   WHITE PAPER: The We...
T
T           H
            H           E
                        E
                                 WHITE PAPER: The Web ...
T
T           H
            H           E
                        E
                                   WHITE PAPER: The We...
T
T           H
            H           E
                        E
                                  WHITE PAPER: The Web...
T
T           H
            H           E
                        E
                                   WHITE PAPER: The We...
T
T           H
            H           E
                        E
                                 WHITE PAPER: The Web ...
T
T           H
            H           E
                        E
                                   WHITE PAPER: The We...
T
T           H
            H           E
                        E
                                  WHITE PAPER: The Web...
T
T           H
            H           E
                        E

                                   WHITE PAPER: The W...
T
T           H
            H           E
                        E

                                 WHITE PAPER: The Web...
T
T           H
            H           E
                        E
                                   WHITE PAPER: The We...
T
T           H
            H           E
                        E

                                   WHITE PAPER: The W...
T
T           H
            H           E
                        E

                                   WHITE PAPER: The W...
T
T           H
            H           E
                        E

                                   WHITE PAPER: The W...
T
T           H
            H           E
                        E

                                    WHITE PAPER: The ...
T
T           H
            H           E
                        E

                                  WHITE PAPER: The We...
Terms of Usage
                     USE THIS DOCUMENT ONLY IF YOU AGREE TO THE TERMS LISTED HEREIN.

=      This document ...
Upcoming SlideShare
Loading in...5
×

Web Security Gateway Dec2008

618

Published on

Tolly Group tekniske analyse af forskellige Web Security Gateways. Analysen er baseret på Gartner Buyers Guide for Secure Gateways.

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
618
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
9
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Transcript of "Web Security Gateway Dec2008"

  1. 1. © 2008 The Tolly Group Document # 208326 The Web Security Challenge: A Competitive Guide to Selecting Secure Web Gateways A white paper commissioned by Websense, Inc. White Paper December 2008
  2. 2. WHITE PAPER: The Web Security Challenge: A Competitive Guide to Selecting Web Security Gateways Table of Contents _ÉÑçêÉ=ìëáåÖ=íÜáë=ÇçÅìãÉåí=óçì=ãìëí=~ÖêÉÉ=íç=íÜÉ=íÉêãë=çÑ=ìë~ÖÉK qÜÉëÉ=íÉêãë=~êÉ=äáëíÉÇ=çå=íÜÉ=Ñáå~ä=é~ÖÉK Executive Summary 4 Web 2.0 Effectiveness 7 Manageability and Scalability 9 Policy Interface 11 Reporting Capabilities 13 URL Filtering 15 Malware Filtering 16 Application Control 18 Data Loss Protection 20 Network Implementation 22 Integration with Other Solutions 24 Service and support 26 Test Methodology 28 Alexa 100,000 URL Filtering/Classification Test 28 «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========O
  3. 3. WHITE PAPER: The Web Security Challenge: A Competitive Guide to Selecting Web Security Gateways Table of Contents _ÉÑçêÉ=ìëáåÖ=íÜáë=ÇçÅìãÉåí=óçì=ãìëí=~ÖêÉÉ=íç=íÜÉ=íÉêãë=çÑ=ìë~ÖÉK qÜÉëÉ=íÉêãë=~êÉ=äáëíÉÇ=çå=íÜÉ=Ñáå~ä=é~ÖÉK “Long Tail” or Extended URL Classification Test 28 Phishing and/or Proxy Avoidance URL Detection Accuracy Test29 Binary Exploits and Compromises Detection Accuracy Test 29 Malware-infected URL Detection Accuracy Test 30 Web 2.0-Based Malicious URL Detection Accuracy Test 30 Criteria Evaluation by UI Inspection 31 Interaction with Competing Vendors 32 Appendix: Product List 33 «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========P
  4. 4. T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P Executive Summary The World Wide Web has changed dramatically in the past decade. The use of the Web as an application platform, a communication medium, and a business tool, combined with the migration of attackers onto the Web, demands new solutions to help manage business and mitigate security threats. Enterprise IT managers should carefully evaluate both the ease of management, as well as the effective- ness, of gateway-based Web security solutions against a constantly evolving threat landscape. tÉÄëÉåëÉI=fåÅK=ÅçããáëëáçåÉÇ=qÜÉ=qçääó=dêçìé=íç=Éî~äì~íÉ=áíë=tÉÄ=pÉÅìJ êáíó=d~íÉï~ó=~Ö~áåëí=çíÜÉê=~î~áä~ÄäÉ=Ö~íÉï~ó=ëÉÅìêáíó=éêçÇìÅíëK=qÜÉ=ÅçãJ éÉíáåÖ=éêçÇìÅíë=íÉëíÉÇ=ïÉêÉW=_äìÉ=`ç~í=póëíÉãëÛ=mêçñópd=ONM=~åÇ= mêçñó^s=RNM=~ééäá~åÅÉëI=`áëÅç=póëíÉãë=fåÅKÛë=fêçåmçêí=pSRM=tÉÄ=pÉÅìêáíó= ^ééäá~åÅÉI=qêÉåÇ=jáÅêçI=fåÅKÛë=fåíÉêpÅ~å=tÉÄ=pÉÅìêáíó=pìáíÉ=EftppFI=~åÇ= pÉÅìêÉ=`çãéìíáåÖ=`çêéçê~íáçåÛë=pÉÅìêÉ=tÉÄ=EtÉÄï~ëÜÉêF=~ééäá~åÅÉK= Note: All products under test shall be referenced by their manufacturer s name hereafter in the document. Websense Web Security Gateway combines powerful and easy-to-manage software with the ability to mitigate dynamic Web-based threats, exceeding other vendors tested in meeting Gartner’s criteria* for buying Secure Web Gateways. GaáëÅä~áãÉêW qÜÉ=d~êíåÉê=êÉéçêí= ^=_ìóÉêÛë=dìáÇÉ=íç=pÉÅìêÉ=tÉÄ=d~íÉï~óëÒ=Äó=mÉíÉê=cáêëíÄêççâ=~åÇ= i~ïêÉåÅÉ=lê~åë=Ed~êíåÉê=o^p=`çêÉ=oÉëÉ~êÅÜ=kçíÉ=dMMNRVSSVX=NR=^ìÖìëí=OMMUF=ï~ë= ìëÉÇ=çåäó=~ë=~=êÉèìáêÉãÉåíë=ÖìáÇÉ=áå=íÜáë=Éî~äì~íáçåK=eçïÉîÉêI=~åó=~åÇ=~ää=îÉåÇçê=~åÇ= éêçÇìÅí=Åçãé~êáëçåë=~åÇ=Éî~äì~íáçåë=ïÉêÉ=ÇçåÉ=Äó=íÜÉ=qçääó=dêçìé=~åÇ=áå=åç=ï~ó=Çç=íÜÉó= ÉñéêÉëë=íÜÉ=çéáåáçå=çÑ=d~êíåÉêK ^ää=ëí~íÉãÉåíë=áå=íÜáë=êÉéçêí=~ííêáÄìí~ÄäÉ=íç=d~êíåÉê=êÉéêÉëÉåí=tÉÄëÉåëÉI=fåÅKÛë=áåíÉêéêÉí~J íáçå=çÑ=Ç~í~I=êÉëÉ~êÅÜ=çéáåáçå=çê=îáÉïéçáåíë=éìÄäáëÜÉÇ=~ë=é~êí=çÑ=~=ëóåÇáÅ~íÉÇ=ëìÄëÅêáéíáçå= ëÉêîáÅÉ=Äó=d~êíåÉêI=fåÅKI=~åÇ=Ü~îÉ=åçí=ÄÉÉå=êÉîáÉïÉÇ=Äó=d~êíåÉêK=b~ÅÜ=d~êíåÉê=éìÄäáÅ~íáçå= ëéÉ~âë=~ë=çÑ=áíë=çêáÖáå~ä=éìÄäáÅ~íáçå=Ç~íÉ=E~åÇ=åçí=~ë=çÑ=íÜÉ=Ç~íÉ=çÑ=íÜáë=êÉéçêíFK=qÜÉ=çéáåJ áçåë=ÉñéêÉëëÉÇ=áå=d~êíåÉê=éìÄäáÅ~íáçåë=~êÉ=åçí=êÉéêÉëÉåí~íáçåë=çÑ=Ñ~ÅíI=~åÇ=~êÉ=ëìÄàÉÅí=íç= ÅÜ~åÖÉ=ïáíÜçìí=åçíáÅÉK fÑ=ÅäáÉåíë=ÇÉëáêÉ=d~êíåÉê=íç=îÉêáÑó=íÜ~í=èìçíÉë=~êÉ=~ÅÅìê~íÉ=~åÇ=Åçãéäó=ïáíÜ=d~êíåÉêÛë=`çéóJ êáÖÜí=~åÇ=nìçíÉ=mçäáÅóI=d~êíåÉê=éêçîáÇÉë=~=ëÉêîáÅÉ=íÜ~í=îÉêáÑáÉë=èìçíÉ=~ÅÅìê~Åó=~åÇ=~ééêçJ éêá~íÉåÉëëK=`äáÉåíë=ïáëÜáåÖ=íç=í~âÉ=~Çî~åí~ÖÉ=çÑ=íÜáë=ëÉêîáÅÉ=ëÜçìäÇ=Åçåí~Åí=d~êíåÉê=sÉåJ Ççê=oÉä~íáçåë=~í=îÉåÇçêKêÉä~íáçåë]Ö~êíåÉêKÅçãK «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========Q
  5. 5. T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P qçääó=dêçìé=ÉåÖáåÉÉêë=Éî~äì~íÉÇ=íÜÉ=éêçÇìÅíë=ìåÇÉê=íÉëí=Ä~ëÉÇ= tÉÄëÉåëÉI= çå=~=ëÉí=çÑ=ÅêáíÉêá~=d~êíåÉê=áÇÉåíáÑáÉÇ=~ë=íÜÉ=ãçëíJ~Çî~åÅÉÇ=ÑÉ~J fåÅK íìêÉë=íÜ~í=ÅçìäÇ=ÜÉäé=ïáíÜ=Åçãé~ê~íáîÉ=Éî~äì~íáçå=~åÇ=ëÉäÉÅíáçå= çÑ=~=ëÉÅìêÉ=tÉÄ=Ö~íÉï~óK=qÉëíë=ïÉêÉ=ÅçåÇìÅíÉÇ=áå=lÅíçÄÉê= pÉÅìêÉ=tÉÄ= OMMUK d~íÉï~ó cêçã=~=ÜáÖÜJäÉîÉä=éÉêëéÉÅíáîÉI=íÜÉ=d~êíåÉê=ptd=ÄìóÉêÛë=ÖìáÇÉ= `çãéÉíáíáîÉ= ë~óë=íÜ~í=îÉåÇçêë=çÑ=roi=ÑáäíÉêáåÖI=éêçñó=ëÉêîÉêëI=~åÇ=~åíáJîáêìëL bî~äì~íáçå=çÑ=tÉÄ=pÉÅìêáíó= ~åíáJëé~ã=ëçäìíáçåëI=~ää=~êÉ=~ééêç~ÅÜáåÖ=íÜÉ=ëÉÅìêÉ=tÉÄ=Ö~íÉJ cÉ~íìêÉë ï~ó=ã~êâÉí=Ñêçã=ÇáÑÑÉêÉåí=ÇáêÉÅíáçåëK=qÜÉ=qçääó=dêçìéÛë=Ü~åÇëJçå= ~å~äóëáë=çÑ=íÜÉëÉ=éêçÇìÅíë=îÉêáÑáÉë=íÜ~í=ïÜáäÉ=íÜÉ=ã~àçêáíó=çÑ= éêçÇìÅíë=íÉëíÉÇ=ÉñÅÉä=áå=~=ÑÉï=~êÉ~ëI=çåäó=tÉÄëÉåëÉÛë=tÉÄ=pÉÅìJ êáíó=d~íÉï~ó=ëÅçêÉÇ=ìåáÑçêãäó=ÜáÖÜ=~åÇ=ÇÉäáîÉêÉÇ=ÑÉ~íìêÉJêáÅÜ=Å~é~ÄáäáíáÉë= ~Åêçëë=~ää=åáåÉ=ÑìåÅíáçå~ä=~êÉ~ë=íÜ~í=ÉåÖáåÉÉêë=Éñ~ãáåÉÇK= qçääó=dêçìé=ÉåÖáåÉÉêë=~ëëáÖåÉÇ=~=ëìÄàÉÅíáîÉ=ëÅçêÉ=íç=É~ÅÜ=çÑ=íÜÉ=åáåÉ= éêçÇìÅí=ÅêáíÉêá~=Éî~äì~íÉÇ=~åÇ=í~ääáÉÇ=~=ÅçãéçëáíÉ=ëÅçêÉ=Ñçê=É~ÅÜ=éêçÇìÅíK= táíÜ=~=ëÅçêÉ=çÑ=OMNI=tÉÄëÉåëÉ=pÉÅìêáíó=d~íÉï~ó=~äãçëí=ÇçìÄäÉÇ=íÜÉ=éçáåí= íçí~ä=çÑ=áíë=åÉñí=åÉ~êÉëí=ÅçãéÉíáíçêK=EpÉÉ=cáÖìêÉ=NI=é~ÖÉ=RKF jçêÉçîÉêI=áå=~ÇÇáíáçå=íç=ëí~åÇ~êÇ=roi=ÑáäíÉêáåÖ=~åÇ=íê~Çáíáçå~ä=ã~äï~êÉ=éêçJ íÉÅíáçå=íÜ~í=áë=~î~áä~ÄäÉ=çå=~åó=ëÉÅìêÉ=tÉÄ=Ö~íÉï~óI=tÉÄëÉåëÉ=áë=íÜÉ=Ñáêëí= îÉåÇçê=Éñ~ãáåÉÇ=Äó=qÜÉ=qçääó=dêçìé=ÉåÖáåÉÉêë=íç=çÑÑÉê=~=Ñìääó=áåíÉÖê~íÉÇ= aim=çéíáçåI=~ääçïáåÖ=íÜÉ=Åçãé~åó=íç=çÑÑÉê=~=äÉîÉä=çÑ=Ç~í~=äçëë=éêçíÉÅíáçå= ìåã~íÅÜÉÇ=å~íáîÉäó=Äó=êáî~ä=éêçÇìÅíë=íÉëíÉÇK=qÜÉ=pÉÅìêÉ=tÉÄ=d~íÉï~ó=ÇÉJ äáîÉêë=~=ãçêÉ=ÑìåÅíáçå~ä=ã~å~ÖÉãÉåí=áåíÉêÑ~ÅÉI=ëÅ~ä~Äáäáíó=Å~é~ÄáäáíáÉëI=~åÇ= êáÅÜÉê=êÉéçêíáåÖ=ÑìåÅíáçåë=íÜ~å=êáî~ä=éêçÇìÅíë=íÉëíÉÇK q~âÉå=~ë=~=ïÜçäÉI=íÜÉ=ÅçãéçëáíÉ=ëÅçêÉë=Ñêçã=É~ÅÜ=çÑ=íÜÉ=Éî~äì~íÉÇ=ëÉäÉÅJ íáçå=ÅêáíÉêá~=ëÜçï=íÜ~í=tÉÄëÉåëÉÛë=tÉÄ=pÉÅìêáíó=d~íÉï~ó=áë=íÜÉ=ãçëí= ÑÉ~íìêÉJêáÅÜ=çÑ=íÜÉ=éêçÇìÅíë=íÉëíÉÇI=~äçåÖ=ïáíÜW çÑÑÉêáåÖ=íÜÉ=ïáÇÉëí=ÅçîÉê~ÖÉ=~åÇ=íÜÉ=ÖêÉ~íÉëí=~ÅÅìê~Åó=áå= Å~íÉÖçêáòáåÖ=Çóå~ãáÅ=ÅçåíÉåí=çå=tÉÄ=OKM=ëáíÉë ÄäçÅâáåÖ=ãçêÉ=fåíÉêåÉíJÄ~ëÉÇ=íÜêÉ~íë=íÜ~å=~ää=çíÜÉê=éêçÇìÅíë=íÉëíÉÇ éêçîáÇáåÖ=íÜÉ=É~ëáÉëí=íç=ìëÉ=áåíÉêÑ~ÅÉ=çÑ=íÜÉ=éêçÇìÅíë=íÉëíÉÇ ÇÉäáîÉêáåÖ=ÖêÉ~íÉê=ÑäÉñáÄáäáíó=íÜ~å=~åó=çíÜÉê=ëçäìíáçåë=íÉëíÉÇ «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========R
  6. 6. T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P Composite Scores of Products Tested Across Evaluation Areas All criteria listed were rated subjectively either by examining publicly available documentation from the vendors; or by launching the management interface, configuring the desired behavior and observing the results. The subjective usability, layout and overall effectiveness of each function by vendor has been assigned a value ranging from 1 (least effective) to 4 (most effective) to indicate the Tolly engineers' im- pression of each of the units tested. Detailed breakdown of scores in each area of evaluation can be seen in Figures 4. through 12. Source: The Tolly Group, November 2008 Figure 1 «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========S
  7. 7. T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P qÜáë=ïÜáíÉ=é~éÉê=ïáää=ÉñéäçêÉ=ÑáåÇáåÖë=Ñçê=É~ÅÜ=çÑ=íÜÉ=Éî~äì~íáçå=ÅêáíÉêá~=áå= íÜÉ=é~ÖÉë=~åÇ=ÅÜ~êíë=íÜ~í=ÑçääçïK= få=ÅçåÅäìëáçåI=tÉÄëÉåëÉ=tÉÄ=pÉÅìêáíó=d~íÉï~ó=ÅçãÄáåÉÇ=íÜÉ=ÄÉëí=çÑ= ÄêÉÉÇ=íÉÅÜåçäçÖáÉë=íç=çÑÑÉê=~=éêçÇìÅí=íÜ~í=áë=É~ëáÉê=íç=ã~å~ÖÉI=ëÅ~äÉë= ÄÉííÉêI=éêçîáÇÉë=ãçêÉ=Öê~åìä~ê=çéíáçåë=íç=Åçåíêçä=åÉíïçêâ=~ééäáÅ~íáçå=íê~ÑÑáÅ= ~åÇ=Öì~êÇë=~Ö~áåëí=íÜÉ=Çóå~ãáÅ~ääó=ÅÜ~åÖáåÖ=íÜêÉ~í=ä~åÇëÅ~éÉ=çÑ=tÉÄJ Ä~ëÉÇ=~íí~ÅâëK Web 2.0 Effectiveness tÉÄ=OKM=ëáíÉë=~êÉ=ê~éáÇäó=ÖêçïáåÖ=íç=ÄÉ=ëçãÉ=çÑ=íÜÉ=ãçëí=îáëáíÉÇ=tÉÄ=ëáíÉë= çå=íÜÉ=fåíÉêåÉíK=qÜÉ=~Äáäáíó=çÑ=ìëÉêë=íç=ÑêÉÉäó=ÅêÉ~íÉ=~åÇ=ìéäç~Ç= ÅçåíÉåí=çåíç=tÉÄ=OKM=ëáíÉë=áë=áåÅêÉ~ëáåÖäó=~ííê~ÅíáîÉ=íç=~íí~ÅâÉêë=ïÜç ìéäç~Ç=ã~äáÅáçìë=~åÇ=çÄàÉÅíáçå~ÄäÉ=ÅçåíÉåí=çåíç=êÉéìí~ÄäÉ=tÉÄ=OKM=ëáíÉë= äáâÉ=_äçÖëéçí=EÜííéWLLÄäçÖëéçíKÅçãFI=tçêÇmêÉëë=EÜííéWLLïçêÇéêÉëëKçêÖFI=çê= çåíç=äÉÖáíáã~íÉ=ëáíÉë=íÜ~í=Ü~îÉ=ÄÉÉå=ÅçãéêçãáëÉÇK=qÜÉ=~Äáäáíó=çÑ=~=tÉÄ=ëÉJ Åìêáíó=Ö~íÉï~ó=íç=ÇÉíÉÅí=ã~äáÅáçìë=ÅçåíÉåí=~ÅÅìê~íÉäó=çå=Çóå~ãáÅ=tÉÄ=ëáíÉë= äáâÉ=tÉÄ=OKM=êÉäáÉë=ÖêÉ~íäó=çå=êÉ~äJíáãÉ=~å~äóëáë=çÑ=ÅçåíÉåíI=~åÇ=åçí=àìëí=çå= íÜÉ=êÉéìí~íáçå=çÑ=íÜÉ=tÉÄ=ëáíÉëK qÉëíë=ìëáåÖ=VSR=äáîÉ=roië=Ñêçã=éçéìä~ê=tÉÄ=OKM=ëáíÉë=äáâÉ=ÄäçÖëéçíKÅçã= ~åÇ=ïçêÇéêÉëëKÅçã=íÜ~í=ïÉêÉ=ÜçëíáåÖ=ã~äáÅáçìë=çê=çÄàÉÅíáçå~ÄäÉ=ÅçåíÉåí= êÉîÉ~äÉÇ=tÉÄëÉåëÉÛë=éçïÉêÑìä=êÉ~äJíáãÉ=ÅçåíÉåí=~å~äóëáë=Å~é~ÄáäáíóK=tÉÄJ ëÉåëÉ=ÄäçÅâÉÇ=~äãçëí=VVB=çÑ=íÜÉ=ã~äáÅáçìë=roië=ïÜáäÉ=ÅçãéÉíáåÖ=éêçÇìÅíë= ÄäçÅâÉÇ=ÄÉíïÉÉå=äÉëë=íÜ~å=OB=íç=~Äçìí=QMBK=EpÉÉ=cáÖìêÉ=OKF= qÜáë=ÜìÖÉ=ëéêÉ~Ç=çÑ=êÉëìäíë=Ñêçã=éêçÇìÅíë=ìëáåÖ=tÉÄ=oÉéìí~íáçå=ëÉêîáÅÉë= ~åÇ=íê~Çáíáçå~ä=roi=Ç~í~Ä~ëÉë=ëÜçïë=íÜ~í=äÉÖ~Åó=ãÉíÜçÇë=çÑ=roi=ÑáäíÉêáåÖ= ~êÉ=åçí=éçïÉêÑìä=ÉåçìÖÜ=çå=íÜÉáê=çïåI=ìåäÉëë=áíÛë=~ìÖãÉåíÉÇ=Äó=ÉÑÑÉÅíáîÉ= ìëÉ=çÑ=çíÜÉê=íÉÅÜåçäçÖáÉë=äáâÉ=çåJéêÉãáëÉëI=êÉ~äJíáãÉ=ÅçåíÉåí=~å~äóëáëI=ÜÉìJ êáëíáÅëI=ÉíÅK qÉëíë=~äëç=ëÜçïÉÇ=íÜ~í=tÉÄëÉåëÉ=Ü~Ç=íÜÉ=ïáÇÉëí=roi=ÅçîÉê~ÖÉ=çÑ=íÜÉ= Úâåçïå=tÉÄÛ=çìí=çÑ=íÜÉ=éêçÇìÅíë=íÉëíÉÇI=~ë=ÉîáÇÉåÅÉÇ=Äó=íÜÉ=êÉëìäíë=Ñêçã= íÜÉ=^äÉñ~=NMMIMMM=roi=Åä~ëëáÑáÅ~íáçå=íÉëíK=qÜáë=íÉëí=ëÜçïÉÇ=íÜ~í=íÜÉ=tÉÄJ ëÉåëÉ=Åä~ëëáÑáÉÇ=VTKNB=çÑ=íÜÉ=íçé=NMMIMMM=ãçëí=îáëáíÉÇ=tÉÄ=ëáíÉë=çå=íÜÉ= fåíÉêåÉí=E~ë=äáëíÉÇ=Äó=íÜÉ=^äÉñ~=NMMIMMM=roi=äáëíFI=ïÜáäÉ=ÅçãéÉíáåÖ=îÉåÇçêë= Åä~ëëáÑáÉÇ=ÄÉíïÉÉå=VOB=íç=VQBK=EpÉÉ=cáÖìêÉ=PKF= «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========T
  8. 8. T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P Web 2.0 Detection Accuracy Effectiveness 98.9 Percent of detection accuracy (%) NMM TR RM 40.2 OR 11.1 11 1.8 M Websense BlueCoat Cisco Secure Trend Computing Micro Note: All URLs tested were sourced from the Websense ThreatSeeker network, within six to 24 hours of the testing window. Source: The Tolly Group, November 2008 Figure 2 qÉëíë=~äëç=ëÜçïÉÇ=tÉÄëÉåëÉÛë=ëìéÉêáçê=~Äáäáíó=íç=Åä~ëëáÑó=íÜÉ=Úìåâåçïå= tÉÄÛ=EêÉÑÉêêÉÇ=íç=~ë=íÜÉ=ÚiçåÖ=q~áäÛ=çÑ=íÜÉ=fåíÉêåÉíF=íóéáÅ~ääó=ÅçåëáëíáåÖ=çÑ= àìåâI=éÉêëçå~ä=çê=ëÅ~ã=tÉÄ=ëáíÉëI=çê=íÜÉ=ãáääáçåë=çÑ=åÉï=tÉÄ=ëáíÉë=ÅêÉ~íÉÇ= ÉîÉêó=Ç~óK=mêçÇìÅíë=ëçäÉäó=êÉäóáåÖ=çå=tÉÄ=êÉéìí~íáçåJÄ~ëÉÇ=Åä~ëëáÑáÅ~íáçå=çê= íê~Çáíáçå~ä=roi=Ç~í~Ä~ëÉë=Å~ååçí=~ÇÉèì~íÉäó=âÉÉé=ìé=ïáíÜ=íÜÉ=ÇÉã~åÇ=íç= Åä~ëëáÑó=tÉÄ=ëáíÉë=áå=íÜÉ=içåÖ=q~áä=çÑ=íÜÉ=fåíÉêåÉíK=tÉÄëÉåëÉ=ÇÉãçåëíê~íÉÇ= áíë=ëíêÉåÖíÜ=áå=êÉ~äJíáãÉ=Åä~ëëáÑáÅ~íáçå=çÑ=tÉÄ=ÅçåíÉåí=Äó=Å~íÉÖçêáòáåÖ=VVKVB= çÑ=íÜÉ=NUIRUM=äáîÉ=roië=ëçìêÅÉÇ=Ñêçã=íÜÉ=içåÖ=q~áäK=få=Åçåíê~ëíI=íÜÉ=ÅçãJ éÉíáåÖ=îÉåÇçêë=Åä~ëëáÑáÉÇ=ÄÉíïÉÉå=PSB=~åÇ=TMBK få=íÉëíë=ÑçÅìëáåÖ=çå=ÇÉíÉÅíáåÖ=~åÇ=ÄäçÅâáåÖ=roië=äÉ~ÇáåÖ=íç=mÜáëÜáåÖ=~åÇLçê= mêçñó=~îçáÇ~åÅÉ=tÉÄ=ëáíÉëI=tÉÄëÉåëÉ=çåÅÉ=~Ö~áå=ÇÉíÉÅíÉÇ=VUKPB=çÑ=íÜÉ= OIPMO=äáîÉ=roiëI=ïÜáäÉ=íÜÉ=ÅçãéÉíáåÖ=îÉåÇçêë=ÇÉíÉÅíÉÇ=ÄÉíïÉÉå=TMB=~åÇ= UUBK=páãáä~êäóI=áå=íÉëíë=ïáíÜ=PTV=roië=Åçåí~áåáåÖ=Äáå~êó=Éñéäçáíë=çê=ÅçãJ éêçãáëÉ=ÅçÇÉI=tÉÄëÉåëÉ=ÄäçÅâÉÇ=VVB=çÑ=roiëI=îÉêëìë=çíÜÉê=îÉåÇçêë=ïÜç= ÄäçÅâÉÇ=ÄÉíïÉÉå=RPB=íç=VNBK=^äëçI=çå=íÉëíë=ïáíÜ=USR=roië=ÜçëíáåÖ=j~äJ «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========U
  9. 9. T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P ï~êÉI=tÉÄëÉåëÉ=ÄäçÅâÉÇ=VUKQB=ïÜáäÉ=çíÜÉê=îÉåÇçêë=ÄäçÅâÉÇ=ÄÉíïÉÉå=SRB= ~åÇ=~êçìåÇ=VSBK=EpÉÉ=cáÖìêÉ=PKF Web 2.0 Accuracy and Coverage Test Results Source: The Tolly Group, November 2008 Figure 3 Manageability and Scalability oÉÇìÅÉÇ=~Çãáåáëíê~íáçå=çîÉêÜÉ~Ç=áë=çåÉ=çÑ=íÜÉ=íçé=ÅçåÅÉêåë=çÑ=ëÉÅìêáíó= ~Çãáåáëíê~íçêëK=qÜÉ=êÉéçêí=ÉãéÜ~ëáòÉë=íÜÉ=áãéçêí~åÅÉ=çÑ=~å=ÉÑÑÉÅíáîÉ=í~ëâJ çêáÉåíÉÇ=Öê~éÜáÅ~ä=ìëÉê=áåíÉêÑ~ÅÉ=EdrfF=~åÇ=ÅçãéêÉÜÉåëáîÉ=ã~å~ÖÉãÉåí= áåíÉêÑ~ÅÉ=íç=äçïÉê=íçí~ä=Åçëí=çÑ=çïåÉêëÜáéK qçääó=dêçìé=Ü~åÇëJçå=íÉëíáåÖ=ëÜçïë=íÜ~í=tÉÄëÉåëÉ=êÉÅÉáîÉ=~=ã~ñáãìã= ëÅçêÉ=çÑ= QÒ=Ñçê=ÑáîÉ=çÑ=íÜÉ=ÉáÖÜí=ã~å~ÖÉãÉåí=áåíÉêÑ~ÅÉ=ÅêáíÉêá~=êÉîáÉïÉÇ=Äó= ÉåÖáåÉÉêëK=låäó=çåÉ=çíÜÉê=éêçÇìÅí=Ü~Ç=íïç= QëÒ=Ñçê=áíë=ã~å~ÖÉãÉåí=áåíÉêJ Ñ~ÅÉK=lÑ=é~êíáÅìä~ê=åçíÉ=ï~ë=tÉÄëÉåëÉÛë=êÉ~äJíáãÉ=ÉîÉåí=Ç~ëÜÄç~êÇ=ïáíÜ= ~Åíáçå~ÄäÉ=~äÉêíë=ïÜáÅÜ=Éå~ÄäÉë=ê~éáÇ=ÉîÉåí=áÇÉåíáÑáÅ~íáçå=~åÇ=éêç~ÅíáîÉ=áåJ «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========V
  10. 10. T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P ÅáÇÉåí=êÉëéçåëÉK=tÉÄëÉåëÉ=~äëç=ï~ë=Öê~ÇÉÇ=~= QÒ=Ñçê=áíë=Åìëíçãáò~ÄäÉ= Ç~ëÜÄç~êÇ=îáÉïëK=tÉÄëÉåëÉ=~äëç=É~êåÉÇ= QëÒ=Ñçê=Öê~åìä~ê=êçäÉJÄ~ëÉÇ= Management and Scalability Scoring Source: The Tolly Group, November 2008 Figure 4 «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========NM
  11. 11. T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P ~Çãáåáëíê~íáçåI=~ìíçã~íÉÇ=~äÉêíáåÖI=~Çî~åÅÉÇ=ÜÉäéI=ÅÉåíê~äáòÉÇ=ã~å~ÖÉJ ãÉåí=çÑ=ãìäíáéäÉ=~ééäá~åÅÉë=~åÇ=å~íáîÉ=äç~Ç=Ä~ä~åÅáåÖL~ÅíáîÉ=ÅäìëíÉêáåÖK=få= íçí~äI=áí=É~êåÉÇ=QM=éçáåíëI=îÉêëìë=PN=Ñçê=íÜÉ=åÉ~êÉëí=ÅçãéÉíáíçêK=EpÉÉ=cáÖìêÉ= QKF= Policy Interface ^åó=éçäáÅó=áåíÉêÑ~ÅÉë=ëÜçìäÇ=ÄÉ=É~ëó=íç=ìëÉI=áåíìáíáîÉ=Ñçê=åçåJíÉÅÜåáÅ~ä=éÉêJ ëçååÉä=~åÇ=ìëÉêJÑêáÉåÇäóK=eÉêÉI=íççI=tÉÄëÉåëÉ=êÉÅÉáîÉ= QëÒ=Ñçê=Ñçìê=çÑ=íÜÉ= ëÉîÉå=ÅêáíÉêá~=êÉîáÉïÉÇ=~åÇ=ï~ë=íÜÉ=çåäó=ëÉÅìêÉ=Ö~íÉï~ó=îÉåÇçê=íç=êÉÅÉáîÉ= íÜÉ=ÜáÖÜÉëí=ã~êâ=éçëëáÄäÉ=Ñçê=éçäáÅó=áåíÉêÑ~ÅÉëK tÉÄëÉåëÉ=êÉÅÉáîÉÇ=íÜÉ=ÜáÖÜ=Öê~ÇÉë=Ñçê=íÜÉ=~Äáäáíó=íç=çÑÑÉê=~=ëáåÖäÉ=é~ÖÉ= îáÉï=çÑ=éçäáÅó=ëí~íÉãÉåíëI=êÉìë~ÄäÉ=éçäáÅó=çÄàÉÅíëI=íÜÉ=~Äáäáíó=íç=ãçÇáÑó=áåJ ÜÉêáíÉÇ=éçäáÅáÉë=~åÇ=Ñçê=êÉéçêíáåÖ=Äó=éçäáÅó=íóéÉI=ïÜáÅÜ=áë=ÉëëÉåíá~ä=áå=ÇÉíÉêJ ãáåáåÖ=Åçãéäá~åÅÉ=íç=~=éçäáÅóK=lîÉê~ääI=tÉÄëÉåëÉ=É~êåÉÇ=~=ëÅçêÉ=çÑ=OOI= îÉêëìë=áíë=åÉñí=åÉ~êÉëí=êáî~ä=ïáíÜ=~=ëÅçêÉ=çÑ=NQK=EpÉÉ=cáÖìêÉ=RKF «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========NN
  12. 12. T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P Policy Interface Scoring Source: The Tolly Group, November 2008 Figure 5 «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========NO
  13. 13. T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P Reporting Capabilities oÉéçêíáåÖ=Å~é~ÄáäáíáÉë=Ü~îÉ=ÉãÉêÖÉÇ=~ë=~å=ÉëëÉåíá~ä=ÅçãéçåÉåí=çÑ=pÉÅìêÉ= tÉÄ=Ö~íÉï~óë=ÄÉÅ~ìëÉ=íÜÉó=ÄêáÇÖÉ=íÜÉ=íÉÅÜåáÅ~ä=ïçêäÇ=ïáíÜ=íÜÉ=ÄìëáåÉëë= ëáÇÉ=çÑ=íÜÉ=Åçãé~åóK=_ìëáåÉëë=ìëÉêë=ÇçåÛí=Ü~îÉ=íáãÉ=íç=ï~ÇÉ=íÜêçìÖÜ=ÖçÄë= çÑ=íÉÅÜåáÅ~ä=Ç~í~I=Äìí=áåëíÉ~Ç=ï~åí=ëìãã~êó=áåÑç=Ü~êîÉëíÉÇ=~åÇ=éêÉëÉåíÉÇ= áå=~å=É~ëó=íç=Ñçääçï=Ñçêã~íK= tÉÄëÉåëÉ=êÉÅÉáîÉ=íÜÉ=ã~ñáãìã=ëÅçêÉ=çÑ= QÒ=áå=ÉáÖÜí=çÑ=åáåÉ=~î~áä~ÄäÉ= Å~íÉÖçêáÉëI=ïÜáäÉ=êáî~ä=éêçÇìÅíë=ëÅçêÉÇ=~=N=çê=O=áå=ãçëí=Å~íÉÖçêáÉëK tÉÄëÉåëÉ=É~êåÉÇ=~=ëÅçêÉ=çÑ=PRI=ïÜáäÉ=íÜÉ=åÉñí=ÅçãéÉíáåÖ=éêçÇìÅí= êÉÅÉáîÉÇ=~=OOK=tÉÄëÉåëÉ=êÉÅÉáîÉÇ=ÜáÖÜ=Öê~ÇÉë=Ñçê=íÜÉ=äÉîÉä=çÑ=ÄìëáåÉëë= çêáÉåíÉÇ=êÉéçêíë=çÑÑÉêÉÇI=íÜÉ=èìáÅâ=~ÅÅÉëë=íççäë=~î~áä~ÄäÉ=íç=ÖÉí=~í=Ç~í~K=^ÇJ Çáíáçå~ääóI=êÉ~äJíáãÉ=êÉéçêíë=~åÇ=ÑçêÉåëáÅ=êÉéçêíë=~êÉ=~î~áä~ÄäÉ=EpÉÉ=cáÖìêÉ= SKF «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========NP
  14. 14. T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P Reporting Scores Source: The Tolly Group, November 2008 Figure 6 «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========NQ
  15. 15. T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P URL Filtering qÜÉ=~Äáäáíó=íç=Åçåíêçä=~åÇ=ãçåáíçê=tÉÄ=ìë~ÖÉ=Äó=ÉãéäçóÉÉë=áë=ÄÉÅçãáåÖ=~= åÉÅÉëëáíó=Ñçê=Åçãé~åáÉëK=qÜÉ=~Äáäáíó=íç=ÉåÑçêÅÉ=Åçêéçê~íÉ=éçäáÅó=åçí=àìëí= ïÜáäÉ=íÜÉ=ÉãéäçóÉÉë=~êÉ=çå=éêÉãáëÉëI=Äìí=~äëç=ïÜáäÉ=çÑÑJéêÉãáëÉë=ÄÉÅçãÉë= î~äì~ÄäÉ=~ë=ÉãéäçóÉÉë=~êÉ=ÄÉÅçãáåÖ=áåÅêÉ~ëáåÖäó=ãçÄáäÉK tÉÄëÉåëÉ=çåÅÉ=~Ö~áå=çÑÑÉêÉÇ=éçïÉêÑìä=~åÇ=ÑäÉñáÄäÉ=íççäë=íç=Öê~åìä~êäó=ÅçåJ íêçä=íÜÉ=tÉÄ=~ÅÅÉëë=çÑ=ìëÉêë=ÄçíÜ=çå=~åÇ=çÑÑ=íÜÉ=éêÉãáëÉëX=~åÇ=ëÅçêÉÇ=~= ã~ñáãìã=éçëëáÄäÉ=NO=éçáåíë=~Åêçëë=íÜêÉÉ=~êÉ~ë=Éî~äì~íÉÇK=EpÉÉ=cáÖìêÉ=TKF= qÜÉ=åÉñí=ÅäçëÉëí=ÅçãéÉíáíçê=éêçÇìÅí=ëÅçêÉÇ=~=V=ïáíÜ=íÜÉ=êÉëí=ëÅçêáåÖ=Q=É~ÅÜK URL Filtering Feature Scoring Source: The Tolly Group, November 2008 Figure 7 «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========NR
  16. 16. T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P Malware Filtering tÜáäÉ=roi=ÑáäíÉêáåÖ=áë=~=ëí~éäÉ=çÑ=~åó=ëÉÅìêÉ=tÉÄ=Ö~íÉï~óI=ã~äï~êÉ=ÑáäíÉêáåÖ= áë=Ñ~ëí=Å~íÅÜáåÖ=çå=~ë=~=ÅêáíáÅ~ä=ÑìåÅíáçåK=sáêìë=ÇÉíÉÅíáçå=~åÇ= êÉãçî~ä=áå=Ö~íÉï~óë=áë=ÅêáíáÅ~ä=~ë=ãçêÉ=ã~äï~êÉ=ãçîÉë=íç=~=tÉÄ=ÇáëíêáÄìJ íáçå=ãÉíÜçÇ=~åÇ=ÉåÇéçáåí=éêçíÉÅíáçå=ëíêìÖÖäÉë=íç=âÉÉé=é~ÅÉ=ïáíÜ=íÜÉ=îçäìãÉ= çÑ=íÜêÉ~íëK= eÉêÉI=qÜÉ=qçääó=dêçìé=ÉåÖáåÉÉêë=ÅçåÇìÅíÉÇ=~=Ü~åÇëJçå=íÉëí=çÑ=ÅÉêí~áå=ÑÉ~J íìêÉëI=ïÜáäÉ=~ëëáÖåáåÖ=ëìÄàÉÅíáîÉ=ëÅçêÉë=íç=íÜÉ=éêçÇìÅíëÛ=~êÅÜáíÉÅíìêÉ=~åÇ= ÉîÉåí=~äÉêíë=Å~é~ÄáäáíáÉëK tÉÄëÉåëÉ=~ÅÜáÉîÉÇ=~=VUKQB=ëÅçêÉ=Ñçê=ÇÉíÉÅíáçå=~ÅÅìê~Åó=çÑ=ã~äï~êÉ=Ñçê= USR=ëáíÉë=ÜçëíáåÖ=ã~äáÅáçìë=ÑáäÉëK=líÜÉê=îÉåÇçêë=ê~åÖÉÇ=Ñêçã=SRB=íç=VSB= ã~äï~êÉ=ÇÉíÉÅíáçå=~ÅÅìê~ÅóK=EpÉÉ=cáÖìêÉ=UKF tÉÄëÉåëÉ=~äëç=ï~ë=ëìÅÅÉëëÑìä=~í=ÇÉíÉÅíáåÖ=~åÇ=~îçáÇáåÖ=éÜáëÜáåÖ=~åÇ= éêçñó=ëáíÉë=VUKPB=çÑ=íÜÉ=íáãÉI=îÉêëìë=TMB=íç=UUB=Ñçê=çíÜÉê=éêçÇìÅíë=íÉëíÉÇK= ^åÇ=tÉÄëÉåëÉ=ï~ë=ëìÅÅÉëëÑìä=VVB=çÑ=íÜÉ=íáãÉ=~í=ÇÉíÉÅíáåÖ=~åÇ=~îçáÇáåÖ= ëáíÉë=ïáíÜ=ã~äáÅáçìë=Éñéäçáíë=çê=ÇêáîÉJÄó=ÑáäÉ=áåëí~ääëK=líÜÉê=éêçÇìÅíë=ïÉêÉ= ëìÅÅÉëëÑìä=çåäó=RQB=íç=VNB=çÑ=íÜÉ=íáãÉK tÉÄëÉåëÉ=ï~ë=~äëç=íÜÉ=çåäó=îÉåÇçê=íç=êÉÅÉáîÉ=íÜÉ=ã~ñáãìã=ëÅçêÉ=çÑ= QÒ= Ñçê=áíë=ëçäìíáçå=~êÅÜáíÉÅíìêÉ=ÇìÉ=íç=áíë=ÜóÄêáÇ=~êÅÜáíÉÅíìêÉK=qÜáë=áë=Ä~ëÉÇ=çå= d~êíåÉêÛë=ÇáëÅìëëáçå=çÑ=íÜÉ=ÄÉåÉÑáíë=çÑ=~= ÜóÄêáÇÒ=~êÅÜáíÉÅíìêÉ=íÜ~í=ìíáäáòÉë= éêçñó=íÉÅÜåçäçÖó=Ñçê=Öê~åìä~êáíó=~åÇ=ÇÉí~áäÉÇ=Åçåíêçä=ÅçìéäÉÇ=ïáíÜ=åÉíïçêâ= ãçåáíçêáåÖ=Å~é~ÄáäáíáÉë=Ñçê=ëÅ~ä~Äáäáíó=~åÇ=Äêç~Ç=ÅçîÉê~ÖÉK «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========NS
  17. 17. T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P Malware Detection Scores Source: The Tolly Group, November 2008 Figure 8 «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========NT
  18. 18. T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P Application Control bãÄÉÇÇÉÇ=~ééäáÅ~íáçåJäÉîÉä=Åçåíêçäë=Éå~ÄäÉ=ëÉÅìêáíó=~Çãáåáëíê~íçêë=íç=ÖçîJ Éêå=íÜÉ=~Ççéíáçå=~åÇ=ìë~ÖÉ=çÑ=tÉÄJÄ~ëÉÇ=~ééäáÅ~íáçåë=ëìÅÜ=~ë=fjI=pâóéÉI= mOmI=~åÇ=ãçêÉK=qçääó=dêçìé=ÉåÖáåÉÉêë=~ï~êÇÉÇ=íÜÉ=ã~ñáãìã=ëÅçêÉ=çÑ= QÒ= íç=íÜÉ=tÉÄëÉåëÉ=éêçÇìÅí=áå=Ñçìê=çÑ=íÜÉ=ÑáîÉ=^ééäáÅ~íáçå=`çåíêçä=Å~íÉÖçêáÉë= Éñ~ãáåÉÇK=EpÉÉ=cáÖìêÉ=VKF= tÉÄëÉåëÉ=É~êåÉÇ=NV=çìí=çÑ=~=éçëëáÄäÉ=OM=éçáåíëI=ïáíÜ=íÜÉ=åÉñíJåÉ~êÉëí= ÅçãéÉíáíçê=ÅçãáåÖ=áå=ïáíÜ=~=ëÅçêÉ=çÑ=NNK=tÉÄëÉåëÉ=É~êåÉÇ=ÜáÖÜ=Öê~ÇÉë=Ñçê= áíë=~Äáäáíó=íç=Å~íÉÖçêáòÉ=~ééäáÅ~íáçåëI=ïÜáÅÜ=É~ëÉë=íÜÉ=ÅêÉ~íáçå=~åÇ=~ÇãáåáJ ëíê~íáçå=çÑ=éçäáÅáÉëK=fí=~äëç=É~êåÉÇ=~=ã~ñáãìã=ëÅçêÉ=Ñçê=éçäáÅó=ÉåÑçêÅÉãÉåí= Äó=Å~íÉÖçêóI=ïÜáÅÜ=êÉÇìÅÉë=íÜÉ=ïçêâäç~Ç=~åÇ=íÜÉ=åìãÄÉê=çÑ=ÉêêçêëK=^åÇ= tÉÄëÉåëÉ=É~êåÉÇ=~=ã~ñáãìã=ëÅçêÉ=Ñçê=Åä~ëëáÑóáåÖ=mOm=~ë=~=ÇáëíáåÅíäó=ÇáÑJ ÑÉêÉåí=~ééäáÅ~íáçå=íÜ~å=çíÜÉêëI=ëáåÅÉ=áí=éçëÉë==ÖêÉ~íÉê=êáëâë=ÇìÉ=íç=ÑáäÉ=íê~åëJ ÑÉêëK= «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========NU
  19. 19. T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P Application Control Scores Source: The Tolly Group, November 2008 Figure 9 «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========NV
  20. 20. T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P Data Loss Protection tÉÄëÉåëÉ=ëçäìíáçå=ï~ë=íÜÉ=çåäó=éêçÇìÅí=íÉëíÉÇ=íç=É~êå=~=ã~ñáãìã=ëÅçêÉ=áå= ÉîÉêó=Å~íÉÖçêó=Ñçê=Ç~í~=äçëë=éêçíÉÅíáçåI=Ñçê=~=íçí~ä=çÑ=PO=éçáåíëK=qÜÉ=åÉñí= åÉ~êÉëí=îÉåÇçê=É~êåÉÇ=NQ=éçáåíëK=EpÉÉ=cáÖìêÉ=NMKF ^ë=íÜÉ=tÉÄ=ÄÉÅçãÉë=ãçêÉ=áåíÉê~ÅíáîÉ=Äó=å~íìêÉI=çêÖ~åáò~íáçåë=~êÉ=ÅçåJ ÅÉêåÉÇ=~Äçìí=íÜÉ=êáëâ=Ñçê=íÜÉ=äçëë=çÑ=ëÉåëáíáîÉ=Ç~í~K=pÉÅìêÉ=tÉÄ=Ö~íÉï~óë= ÅçãÄ~í=íÜáë=Äó=çÑÑÉêáåÖ=íÜÉ=~Äáäáíó=íç=ÇÉíÉÅí=åçåJÅçãéäá~åÅÉ=íç=Åçêéçê~íÉ= ~åÇ=êÉÖìä~íçêó=éçäáÅáÉëK=táíÜ=Ñìää=áåíÉÖê~íáçå=ïáíÜ=íÜÉ=tÉÄëÉåëÉ=a~í~=pÉÅìJ êáíó=pçäìíáçå=çÑÑÉêÉÇI=tÉÄëÉåëÉ=ï~ë=íÜÉ=çåäó=îÉåÇçê=íç=çÑÑÉê=~=éêÉÇÉíÉêJ ãáåÉÇ=åìãÄÉê=çÑ=íÉãéä~íÉë=íç=Öì~êÇ=~Ö~áåëí=åçåJÅçãéäá~åÅÉI=Ñçê=íÜáåÖë= ëìÅÜ=~ë=ÅêÉÇáí=Å~êÇë=çê=ëçÅá~ä=ëÉÅìêáíó=åìãÄÉêëK==tÉÄëÉåëÉ=~äëç=ï~ë=ÅáíÉÇ= Ñçê=áíë=ëíêÉåÖíÜ=~í=ÇÉÉé=ÅçåíÉåí=áåëéÉÅíáçåI=ïÜÉêÉ=çíÜÉê=éêçÇìÅíë=Çç=åçí= Ü~îÉ=íÜÉ=Å~é~Äáäáíó=çê=~êÉ=ïÉ~â=~í=áíK e~åÇëJçå=Éñ~ãáå~íáçå=çÑ=íÜÉ=éêçÇìÅíë=ëÜçï=íÜ~í=ëçãÉ=çÑÑÉêáåÖëI=ëìÅÜ=~ë= _äìÉ`ç~í=mêçñó=pdONM=~åÇ=qêÉåÇ=jáÅêç=fåíÉêëÅ~å=tÉÄ=pÉÅìêáíó=pìáíÉ=Çç= åçí=çÑÑÉê=~åó=Ç~í~=äçëë=éêÉîÉåíáçå=Ñ~ÅáäáíáÉë=çê=áåíÉÖê~íáçå=çéíáçåëK «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========OM
  21. 21. T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P Data Loss Prevention Scores Source: The Tolly Group, November 2008 Figure 10 «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========ON
  22. 22. T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P Network Implementation tÉÄëÉåëÉ=ëÅçêÉÇ=NN=çìí=çÑ=~=éçëëáÄäÉ=OM=éçáåíëI=ÑçääçïáåÖ=pÉÅìêÉ=tÉÄ= Ñêçã=pÉÅìêÉ=`çãéìíáåÖ=ïÜáÅÜ=ëÅçêÉÇ=NQI=~åÇ=fåíÉêpÅ~å=tÉÄ=pÉÅìêáíó= pìáíÉ=Ñêçã=qêÉåÇ=jáÅêç=ïÜáÅÜ=ëÅçêÉÇ=NOK=EpÉÉ=cáÖìêÉ=NNKF qçÇ~óÛë=çêÖ~åáò~íáçåë=êÉèìáêÉ=~=ÑäÉñáÄäÉ=ëçäìíáçå=íÜ~í=Å~å=áåíÉÖê~íÉ=ïáíÜ=íÜÉ= ïáÇÉ=ê~åÖÉ=çÑ=åÉíïçêâ=íçéçäçÖáÉë=ÅìêêÉåíäó=áå=ìëÉK=tÉÄëÉåëÉ=çÑÑÉêë=ÄçíÜ= çåJéêÉãáëÉë=~åÇ=Ñìääó=ÜçëíÉÇ=tÉÄ=ëÉÅìêáíó=çéíáçåë=éêçîáÇáåÖ=ÅìëíçãÉê=ïáíÜ= ãçêÉ=ÅÜçáÅÉë=ïÜÉå=ÇÉëáÖåáåÖ=~=ÇáëíêáÄìíÉÇ=ëçäìíáçåK=pìééçêí=Ñçê=~=Äêç~Ç= ê~åÖÉ=çÑ=Ü~êÇï~êÉ=~åÇ=ëçÑíï~êÉ=éä~íÑçêãë=Éå~ÄäÉë=É~ëó=áåíÉÖê~íáçå=áåíç= ãçëí=ÅìëíçãÉê=åÉíïçêâëK=e~êÇï~êÉ=~ééäá~åÅÉë=~êÉ=çÑíÉå=ìëÉÇ=Ñçê=ëã~ääÉê= áåëí~ää~íáçåë=íÜ~í=ä~Åâ=ÉñéÉêáÉåÅÉÇ=áãéäÉãÉåí~íáçå=ëí~ÑÑI=Äìí=~êÉ=äÉëë=çÑíÉå= ìëÉÇ=áå=ÉåíÉêéêáëÉ=åÉíïçêâë=Ä~ëÉÇ=çå=íÜÉ=ÜáÖÜÉê=ÅçëíëK «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========OO
  23. 23. T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P Delivery and Network Implementation Feature Scores Source: The Tolly Group, November 2008 Figure 11 «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========OP
  24. 24. T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P Integration with Other Solutions fåíÉÖê~íáçå=ïáíÜ=çíÜÉê=éêçÇìÅíëI=ëìÅÜ=~ë=äç~Ç=Ä~ä~åÅÉêëI=éêçñáÉëI=bJã~áä=~åÇ= çíÜÉê=ëçäìíáçå=ã~ó=åçí=ÄÉ=ÅêáíáÅ~äI=Äìí=ã~ó=óáÉäÇ=ëìÑÑáÅáÉåí=ÄÉåÉÑáíë=íç=ï~êê~åí= íÜÉ=áåíÉÖê~íáçåK=tÜáäÉ=ãçëí=éêçÇìÅíë=íÉëíÉÇ=É~êåÉÇ=éççê=ëÅçêÉë=Ñçê=áåíÉÖê~J íáçåI=tÉÄëÉåëÉ=ÉñÅÉääÉÇ=áå=íÜÉ=~êÉ~=çÑ=ÑáêÉï~ääëI=~êÅÜáîáåÖ=~åÇ=aim=ëóëJ íÉãëK=EpÉÉ=cáÖìêÉ=NOKF «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========OQ
  25. 25. T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P Integration Scores Source: The Tolly Group, November 2008 Figure 12 «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========OR
  26. 26. T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P Service and support pÉêîáÅÉ=~åÇ=ëìééçêí=çéíáçåë=~êÉ=~å=áãéçêí~åí=Ñ~Åíçê=íç=ÅçåëáÇÉê=ïÜÉå=ëÉJ äÉÅíáåÖ=~=ëçäìíáçåK=qÜÉ=èì~äáíó=çÑ=ëÉêîáÅÉ=çÑÑÉêáåÖë=Å~å=î~êó=ïáÇÉäó=~ãçåÖ= îÉåÇçêëK=_~ëÉÇ=çå=íÜÉ=ëÅçéÉ=çÑ=íÜáë=êÉéçêíI=íÉëíáåÖ=çÑ=íÜÉ=ëÉêîáÅÉ=çéíáçåë= çÑÑÉêÉÇ=Äó=íÜÉ=îÉåÇçêë=ï~ë=åçí=éÉêÑçêãÉÇI=ëç=~=èì~äáí~íáîÉ=ê~íáåÖ=çÑ=íÜÉ= îÉåÇçê=ëÉêîáÅÉë=Ü~ë=åçí=ÄÉÉå=éêçîáÇÉÇK=qÜÉ=çÑÑÉêáåÖë=Ñêçã=É~ÅÜ=îÉåÇçê= Ü~îÉ=ÄÉÉå=ÉåìãÉê~íÉÇ=íç=áåÇáÅ~íÉ=áÑ=íÜÉó=éêçîáÇÉ=íÜÉ=íóéÉë=çÑ=ëìééçêí=çéJ íáçåë=áåÇáÅ~íÉÇI=ëç=~=ÜáÖÜÉê=ëÅçêÉ=áåÇáÅ~íÉë=~=Äêç~ÇÉê=ê~åÖÉ=çÑ=çÑÑÉêáåÖëI=Äìí= åçí=åÉÅÉëë~êáäó=~=ëìéÉêáçê=çÑÑÉêáåÖK=EpÉÉ=cáÖìêÉ=NPKF «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========OS
  27. 27. T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P Service and Support Scores Source: The Tolly Group, November 2008 Figure 13 «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========OT
  28. 28. T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P Test Methodology Alexa 100,000 URL Filtering/ Classification Test qÜÉ=Ä~ëáÅ=roi=ÑáäíÉêáåÖ=Å~é~ÄáäáíáÉë=çÑ=É~ÅÜ=ëóëíÉã=ï~ë=íÉëíÉÇ=Äó=ëÅêáéíáåÖ= ëí~åÇ~êÇ=ïçêâëí~íáçåë=íç=~ÅÅÉëë=~=ë~ãéäÉ=ëÉí=çÑ=NMMIMMM=roië=Ñêçã=íÜÉ= ^äÉñ~=qçé=NMMIMMM=ãçëí=îáëáíÉÇ=tÉÄ=ëáíÉë=íÜêçìÖÜ=íÜÉ=éêçÇìÅí=ìåÇÉê=íÉëíK= ^ää=~î~áä~ÄäÉ=roi=Å~íÉÖçêáÉë=çÑ=Åä~ëëáÑáÅ~íáçå=çå=~=éêçÇìÅí=ïÉêÉ=Éå~ÄäÉÇ= ~åÇ=ÅçåÑáÖìêÉÇ=íç=ÄäçÅâ=~ÅÅÉëë=íç=~åó=roi=ã~íÅÜáåÖ=çåÉ=çÑ=íÜÉ=ÇÉÑáåÉÇ=ÑáäJ íÉêáåÖ=Å~íÉÖçêáÉëK=fÑ=~=roi=ï~ë=Åä~ëëáÑáÉÇ=ìåÇÉê=~åó=Å~íÉÖçêó=~î~áä~ÄäÉ=çå= íÜÉ=éêçÇìÅíI=íÜÉ=roi=ï~ë=ÄäçÅâÉÇK=fÑ=íÜÉ=roi=ÅçìäÇ=åçí=ÄÉ=Åä~ëëáÑáÉÇ=ìåÇÉê= ~åó=~î~áä~ÄäÉ=Å~íÉÖçêóI=íÜÉ=éêçÇìÅí=ìåÇÉê=íÉëí=ï~ë=ÅçåÑáÖìêÉÇ=íç=ÖÉåÉê~íÉ= ~å=~äÉêíK=qÜÉ=äçÖë=çÑ=É~ÅÜ=ÇÉîáÅÉ=ïÉêÉ=íÜÉå=ÅçêêÉä~íÉÇ=ïáíÜ=íÜÉ=ë~ãéäÉ=ëÉí= íç=~êêáîÉ=~í=íÜÉ=ÇÉîáÅÉÛë=ëÅçêÉK=^ë=äçåÖ=~ë=~=roi=ï~ë=Åä~ëëáÑáÉÇ=ìåÇÉê=~å= ÉñáëíáåÖ=Å~íÉÖçêó=çÑ=Åä~ëëáÑáÅ~íáçå=çå=íÜÉ=éêçÇìÅíI=íÜÉ=êÉëìäí=ï~ë=ÅçåëáÇÉêÉÇ= î~äáÇK=qÜÉ=êÉëìäíáåÖ=ëÅçêÉ=Ü~ë=ÄÉÉå=êÉÅçêÇÉÇ=~ë=íÜÉ=éÉêÅÉåí~ÖÉ=çÑ=roië= ëìÅÅÉëëÑìääó=Å~íÉÖçêáòÉÇ=çê=ÑáäíÉêÉÇ=~Ö~áåëí=íÜÉ=ë~ãéäÉ=ëÉíK=qÉëíë=ïÉêÉ=êÉJ éÉ~íÉÇ=íïáÅÉ=íç=ÉåëìêÉ=êÉéÉ~í~Äáäáíó=~åÇ=íÜÉ=êÉëìäíë=~îÉê~ÖÉÇK= “Long Tail” or Extended URL Classification Test cçê=íÜáë=íÉëíI=ÉåÖáåÉÉêë=ìëÉÇ=~=ëÉí=çÑ=NUIRUM=roië=çÄí~áåÉÇ=Ñêçã=íÜÉ=tÉÄJ ëÉåëÉ=qÜêÉ~ípÉÉâÉê=åÉíïçêâK=qÜÉ=roië=ïÉêÉ=ÅÜçëÉå=Ñêçã=~=éççä=çÑ=roië= ëìÄãáííÉÇ=íç=íÜÉ=qÜêÉ~ípÉÉâÉê=åÉíïçêâ=Ñçê=Åä~ëëáÑáÅ~íáçå=Äó=ÉåÇJìëÉêë= ~êçìåÇ=íÜÉ=ïçêäÇK=qÜÉ=roië=ïÉêÉ=ÅçääÉÅíÉÇ=Ñêçã=íÜÉ=éççä=ïáíÜáå=ëáñ=íç=OQ= Üçìêë=çÑ=íÜÉ=íÉëíáåÖ=ïáåÇçïI=íç=ÉåëìêÉ=íÜ~í=íÜÉ=roië=íÉëíÉÇ=ïçìäÇ=ÄÉ=äáîÉ= çå=íÜÉ=fåíÉêåÉíK=låÅÉ=~Ö~áåI=ÉåÖáåÉÉêë=Éå~ÄäÉÇ=~ää=~î~áä~ÄäÉ=roi=Åä~ëëáÑáÅ~J íáçå=Å~íÉÖçêáÉë=~î~áä~ÄäÉ=çå=éêçÇìÅíë=ìåÇÉê=íÉëíI=~åÇ=îÉêáÑáÉÇ=íÜÉ=äçÖë=çÑ= É~ÅÜ=ÇÉîáÅÉ=íç=çÄí~áå=íÜÉ=åìãÄÉê=çÑ=Åä~ëëáÑáÉÇ=~åÇ=åìãÄÉê=çÑ=ãáëëÉÇ=roiëK= = fÑ=~=roi=ï~ë=Åä~ëëáÑáÉÇ=ìåÇÉê=çåÉ=çÑ=íÜÉ=Éå~ÄäÉÇ=Å~íÉÖçêáÉë=çå=íÜÉ=éêçÇìÅíI= íÜÉ=roi=ï~ë=ÄäçÅâÉÇK=fÑ=íÜÉ=roi=ÅçìäÇ=åçí=ÄÉ=Åä~ëëáÑáÉÇ=ìåÇÉê=~åó=Éå~ÄäÉÇ= Å~íÉÖçêóI=íÜÉ=éêçÇìÅí=ìåÇÉê=íÉëí=ï~ë=ÅçåÑáÖìêÉÇ=íç=ÖÉåÉê~íÉ=~å=~äÉêíK=båÖáJ åÉÉêë=íÜÉå=Å~äÅìä~íÉÇ=íÜÉ=ÇÉíÉÅíáçå=~ÅÅìê~Åó=çÑ=íÜÉ=éêçÇìÅí=~ë=íÜÉ=ê~íáç=çÑ= ~ää=roië=ëìÅÅÉëëÑìääó=Åä~ëëáÑáÉÇ=çìí=çÑ=íÜÉ=íçí~ä=roië=íêáÉÇK=qÜÉ=êÉëìäíáåÖ= «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========OU
  29. 29. T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P ëÅçêÉ=Ü~ë=ÄÉÉå=êÉÅçêÇÉÇ=~ë=íÜÉ=éÉêÅÉåí~ÖÉ=ëìÅÅÉëëÑìääó=Å~íÉÖçêáòÉÇ=çê=ÑáäJ íÉêÉÇ=~Ö~áåëí=íÜÉ=ë~ãéäÉ=ëÉíK=qÉëíë=ïÉêÉ=êÉéÉ~íÉÇ=íïáÅÉ=íç=ÉåëìêÉ=êÉéÉ~íJ ~Äáäáíó=~åÇ=íÜÉ=êÉëìäíë=~îÉê~ÖÉÇK Phishing and/or Proxy Avoidance URL Detection Accuracy Test cçê=íÜáë=íÉëíI=ÉåÖáåÉÉêë=ìëÉÇ=~=ëÉí=çÑ=OIPMO=roië=çÄí~áåÉÇ=Ñêçã=íÜÉ=tÉÄJ ëÉåëÉ=qÜêÉ~ípÉÉâÉê=åÉíïçêâK=qÜÉ=roië=ïÉêÉ=ÅÜçëÉå=Ñêçã=~=éççä=çÑ=roië= ÇÉíÉÅíÉÇ=Äó=íÜÉ=qÜêÉ~ípÉÉâÉê=åÉíïçêâ=~êçìåÇ=íÜÉ=ïçêäÇ=~ë=roië=çÑ=tÉÄ= ëáíÉë=Åçåí~áåáåÖ=mÜáëÜáåÖ=Éñéäçáíë=çê=Ñ~Åáäáí~íÉÇ=mêçñó=^îçáÇ~åÅÉK= qÜÉ=roië=ïÉêÉ=ÅçääÉÅíÉÇ=Ñêçã=íÜÉ=éççä=ïáíÜáå=ëáñ=Üçìêë=çÑ=íÜÉ=íÉëíáåÖ=ïáåJ ÇçïI=íç=ÉåëìêÉ=íÜ~í=íÜÉ=roië=íÉëíÉÇ=ïçìäÇ=ÄÉ=äáîÉ=çå=íÜÉ=fåíÉêåÉíK=låÅÉ= ~Ö~áåI=ÉåÖáåÉÉêë=Éå~ÄäÉÇ=~ää=roi=Åä~ëëáÑáÅ~íáçå=Å~íÉÖçêáÉë=êÉä~íÉÇ=íç=mÜáëÜJ áåÖ=~åÇ=mêçñó=^îçáÇ~åÅÉ=Å~íÉÖçêáÉë=~î~áä~ÄäÉ=çå=éêçÇìÅíë=ìåÇÉê=íÉëíI=~åÇ= îÉêáÑáÉÇ=íÜÉ=äçÖë=çÑ=É~ÅÜ=ÇÉîáÅÉ=íç=çÄí~áå=íÜÉ=åìãÄÉê=çÑ=Åä~ëëáÑáÉÇ=~åÇ=åìãJ ÄÉê=çÑ=ãáëëÉÇ=roiëK=fÑ=~=roi=ï~ë=Åä~ëëáÑáÉÇ=ìåÇÉê=çåÉ=çÑ=íÜÉ=Å~íÉÖçêáÉë= Éå~ÄäÉÇ=çå=íÜÉ=éêçÇìÅíI=íÜÉ=roi=ï~ë=ÄäçÅâÉÇK=fÑ=íÜÉ=roi=ÅçìäÇ=åçí=ÄÉ= Åä~ëëáÑáÉÇ=ìåÇÉê=~åó=Éå~ÄäÉÇ=Å~íÉÖçêóI=íÜÉ=éêçÇìÅí=ìåÇÉê=íÉëí=ï~ë=ÅçåÑáÖJ ìêÉÇ=íç=ÖÉåÉê~íÉ=~å=~äÉêíK=båÖáåÉÉêë=íÜÉå=Å~äÅìä~íÉÇ=íÜÉ=ÇÉíÉÅíáçå=~ÅÅìê~Åó= ~ë=íÜÉ=éÉêÅÉåí~ÖÉ=çÑ=roië=ëìÅÅÉëëÑìääó=Å~íÉÖçêáòÉÇ=çê=ÑáäíÉêÉÇ=çìí=çÑ=íÜÉ= ë~ãéäÉ=ëÉíK=qÉëíë=ïÉêÉ=êÉéÉ~íÉÇ=íïáÅÉ=íç=ÉåëìêÉ=êÉéÉ~í~Äáäáíó=~åÇ=íÜÉ=êÉJ ëìäíë=~îÉê~ÖÉÇK Binary Exploits and Compromises Detection Accuracy Test cçê=íÜáë=íÉëíI=ÉåÖáåÉÉêë=ìëÉÇ=~=ëÉí=çÑ=PTV=roië=çÄí~áåÉÇ=Ñêçã=íÜÉ=tÉÄJ ëÉåëÉ=qÜêÉ~ípÉÉâÉê=åÉíïçêâK=qÜÉ=roië=ïÉêÉ=ÅÜçëÉå=Ñêçã=~=éççä=çÑ=roië= ÇÉíÉÅíÉÇ=Äó=íÜÉ=qÜêÉ~ípÉÉâÉê=åÉíïçêâ=~êçìåÇ=íÜÉ=ïçêäÇ=~ë=roië=çÑ=tÉÄ= ëáíÉë=Åçåí~áåáåÖ=_áå~êó=Éñéäçáíë=çê=ÅçãéêçãáëÉëK= qÜÉ=roië=ïÉêÉ=ÅçääÉÅíÉÇ=Ñêçã=íÜÉ=éççä=ïáíÜáå=ëáñ=Üçìêë=çÑ=íÜÉ=íÉëíáåÖ=ïáåJ ÇçïI=íç=ÉåëìêÉ=íÜ~í=íÜÉ=roië=íÉëíÉÇ=ïçìäÇ=ÄÉ=äáîÉ=çå=íÜÉ=fåíÉêåÉíK=låÅÉ= ~Ö~áåI=ÉåÖáåÉÉêë=Éå~ÄäÉÇ=~ää=roi=Åä~ëëáÑáÅ~íáçå=Å~íÉÖçêáÉë=êÉä~íÉÇ=íç=_áå~êó= Éñéäçáíë=~åÇ=ÅçãéêçãáëÉë=Å~íÉÖçêáÉë=~î~áä~ÄäÉ=çå=éêçÇìÅíë=ìåÇÉê=íÉëíK=fÑ=~= roi=ï~ë=Åä~ëëáÑáÉÇ=ìåÇÉê=çåÉ=çÑ=íÜÉ=Å~íÉÖçêáÉë=Éå~ÄäÉÇ=çå=íÜÉ=éêçÇìÅíI=íÜÉ= «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========OV
  30. 30. T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P roi=ï~ë=ÄäçÅâÉÇK=fÑ=íÜÉ=roi=ÅçìäÇ=åçí=ÄÉ=Åä~ëëáÑáÉÇ=ìåÇÉê=~åó=Éå~ÄäÉÇ= Å~íÉÖçêóI=íÜÉ=éêçÇìÅí=ìåÇÉê=íÉëí=ï~ë=ÅçåÑáÖìêÉÇ=íç=ÖÉåÉê~íÉ=~å=~äÉêíK=båÖáJ åÉÉêë=íÜÉå=Å~äÅìä~íÉÇ=íÜÉ=ÇÉíÉÅíáçå=~ÅÅìê~Åó=çÑ=íÜÉ=éêçÇìÅí=~ë=íÜÉ=éÉêÅÉåíJ ~ÖÉ=ëìÅÅÉëëÑìääó=Å~íÉÖçêáòÉÇ=çê=ÑáäíÉêÉÇ=çìí=çÑ=íÜÉ=ë~ãéäÉ=ëÉíK=qÉëíë=ïÉêÉ= êÉéÉ~íÉÇ=íïáÅÉ=íç=ÉåëìêÉ=êÉéÉ~í~Äáäáíó=~åÇ=íÜÉ=êÉëìäíë=~îÉê~ÖÉÇK= Malware-infected URL Detection Accuracy Test cçê=íÜáë=íÉëíI=ÉåÖáåÉÉêë=ìëÉÇ=~=ëÉí=çÑ=USR=roië=çÄí~áåÉÇ=Ñêçã=íÜÉ=tÉÄJ ëÉåëÉ=qÜêÉ~ípÉÉâÉê=åÉíïçêâK=qÜÉ=roië=ïÉêÉ=ÅÜçëÉå=Ñêçã=~=éççä=çÑ=roië= ÇÉíÉÅíÉÇ=Äó=íÜÉ=qÜêÉ~ípÉÉâÉê=åÉíïçêâ=~êçìåÇ=íÜÉ=ïçêäÇ=~ë=roië=çÑ=tÉÄ= ëáíÉë=Åçåí~áåáåÖ=ã~äï~êÉ=Eã~äáÅáçìë=ÅçÇÉ=çê=~ééäáÅ~íáçåëFK= qÜÉ=roië=ïÉêÉ=ÅçääÉÅíÉÇ=Ñêçã=íÜÉ=éççä=ïáíÜáå=ëáñ=Üçìêë=çÑ=íÜÉ=íÉëíáåÖ=ïáåJ ÇçïI=íç=ÉåëìêÉ=íÜ~í=íÜÉ=roië=íÉëíÉÇ=ïçìäÇ=ÄÉ=äáîÉ=çå=íÜÉ=fåíÉêåÉíK=låÅÉ= ~Ö~áåI=ÉåÖáåÉÉêë=Éå~ÄäÉÇ=~ää=roi=Åä~ëëáÑáÅ~íáçå=Å~íÉÖçêáÉë=êÉä~íÉÇ=íç=ã~äJ ï~êÉ=_áå~êó=Éñéäçáíë=~åÇ=ÅçãéêçãáëÉë=Å~íÉÖçêáÉë=~î~áä~ÄäÉ=çå=éêçÇìÅíë= ìåÇÉê=íÉëíK=fÑ=~=roi=ï~ë=Åä~ëëáÑáÉÇ=ìåÇÉê=çåÉ=çÑ=íÜÉ=Å~íÉÖçêáÉë=Éå~ÄäÉÇ=çå= íÜÉ=éêçÇìÅíI=íÜÉ=roi=ï~ë=ÄäçÅâÉÇK=fÑ=íÜÉ=roi=ÅçìäÇ=åçí=ÄÉ=Åä~ëëáÑáÉÇ=ìåÇÉê= ~åó=Éå~ÄäÉÇ=Å~íÉÖçêóI=íÜÉ=éêçÇìÅí=ìåÇÉê=íÉëí=ï~ë=ÅçåÑáÖìêÉÇ=íç=ÖÉåÉê~íÉ= ~å=~äÉêíK=båÖáåÉÉêë=íÜÉå=Å~äÅìä~íÉÇ=íÜÉ=ÇÉíÉÅíáçå=~ÅÅìê~Åó=çÑ=íÜÉ=éêçÇìÅí=~ë= íÜÉ=éÉêÅÉåí~ÖÉ=ëìÅÅÉëëÑìääó=Å~íÉÖçêáòÉÇ=çê=ÑáäíÉêÉÇ=çìí=çÑ=íÜÉ=ë~ãéäÉ=ëÉíK= qÉëíë=ïÉêÉ=êÉéÉ~íÉÇ=íïáÅÉ=íç=ÉåëìêÉ=êÉéÉ~í~Äáäáíó=~åÇ=íÜÉ=êÉëìäíë=~îÉê~ÖÉÇK= Web 2.0-Based Malicious URL Detection Accuracy Test cçê=íÜáë=íÉëíI=ÉåÖáåÉÉêë=ìëÉÇ=~=ëÉí=çÑ=VSR=roië=çå=éçéìä~ê=tÉÄ=OKM=ëáíÉë= äáâÉ=ÄäçÖëéçíKÅçã=~åÇ=ïçêÇéêÉëëKçêÖ=Åçåí~áåáåÖ=ã~äáÅáçìë=ÅçÇÉI=çê=çÄàÉÅJ íáçå~ÄäÉ=ã~íÉêá~äI=çÄí~áåÉÇ=Ñêçã=íÜÉ=tÉÄëÉåëÉ=qÜêÉ~ípÉÉâÉê=åÉíïçêâK=qÜÉ= roië=ïÉêÉ=ÅÜçëÉå=Ñêçã=~=éççä=çÑ=roië=ÇÉíÉÅíÉÇ=Äó=íÜÉ=qÜêÉ~ípÉÉâÉê=åÉíJ ïçêâ=íç=ÄÉ=Åçåí~áåáåÖ=ã~äáÅáçìë=ÅçÇÉ=çê=çÄàÉÅíáçå~ÄäÉ=ã~íÉêá~äK=qÜÉ=roië= ïÉêÉ=ÅçääÉÅíÉÇ=Ñêçã=íÜÉ=éççä=ïáíÜáå=ëáñ=íç=OQ=Üçìêë=çÑ=íÜÉ=íÉëíáåÖ=ïáåÇçïI=íç= ÉåëìêÉ=íÜ~í=íÜÉ=roië=íÉëíÉÇ=ïçìäÇ=ÄÉ=äáîÉ=çå=íÜÉ=fåíÉêåÉíK= båÖáåÉÉêë=Éå~ÄäÉÇ=~ää=~î~áä~ÄäÉ=roi=Åä~ëëáÑáÅ~íáçå=Å~íÉÖçêáÉë=çå=éêçÇìÅíë= ìåÇÉê=íÉëíI=êÉä~íÉÇ=íç=ã~äáÅáçìëLÜ~êãÑìä=å~íìêÉI=çê=çÄàÉÅíáçå~ÄäÉ=ÅçåíÉåíK= «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========PM
  31. 31. T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P qÜÉ=ëÉí=çÑ=roië=ï~ë=íÜÉå=~ÅÅÉëëÉÇ=~Åêçëë=íÜÉ=éêçÇìÅí=ìåÇÉê=íÉëíK=fÑ=~=roi= ï~ë=Åä~ëëáÑáÉÇ=ìåÇÉê=çåÉ=çÑ=íÜÉ=Å~íÉÖçêáÉë=Éå~ÄäÉÇ=çå=íÜÉ=éêçÇìÅíI=íÜÉ=roi= ï~ë=ÄäçÅâÉÇK=fÑ=íÜÉ=roi=ÅçìäÇ=åçí=ÄÉ=Åä~ëëáÑáÉÇ=ìåÇÉê=~åó=Éå~ÄäÉÇ=Å~íÉJ ÖçêóI=íÜÉ=éêçÇìÅíë=ìåÇÉê=íÉëí=ïÉêÉ=ÅçåÑáÖìêÉÇ=íç=ÖÉåÉê~íÉ=~å=~äÉêíK=båÖáJ åÉÉêë=íÜÉå=Å~äÅìä~íÉÇ=íÜÉ=ÇÉíÉÅíáçå=~ÅÅìê~Åó=çÑ=íÜÉ=éêçÇìÅí=~ë=íÜÉ=éÉêÅÉåíJ ~ÖÉ=ëìÅÅÉëëÑìääó=Å~íÉÖçêáòÉÇ=çê=ÑáäíÉêÉÇ=çìí=çÑ=íÜÉ=ë~ãéäÉ=ëÉíK=qÉëíë=ïÉêÉ= êÉéÉ~íÉÇ=íïáÅÉ=íç=ÉåëìêÉ=êÉéÉ~í~Äáäáíó=~åÇ=íÜÉ=êÉëìäíë=~îÉê~ÖÉÇK Criteria Evaluation by UI Inspection båÖáåÉÉêë=íÜÉå=éêçÅÉÉÇÉÇ=íç=Éî~äì~íÉ=íÜÉ=éêçÇìÅíë=ìåÇÉê=íÉëí=íç=ÇÉíÉêãáåÉ= íÜÉ=ÉÑÑÉÅíáîÉåÉëë=çÑ=íÜÉ=ìëÉê=áåíÉêÑ~ÅÉ=~åÇ=ÅçãéêÉÜÉåëáîÉåÉëë=çÑ=íÜÉ=ã~åJ ~ÖÉãÉåí=áåíÉêÑ~ÅÉK=qÜÉ=Éî~äì~íáçå=ï~ë=ÇçåÉ=Äó=áåëéÉÅíáåÖ=íÜÉ=ã~å~ÖÉJ ãÉåí=áåíÉêÑ~ÅÉ=çÑ=É~ÅÜ=éêçÇìÅí=ìåÇÉê=íÉëíI=~åÇ=~äëç=Äó=éÉêìëáåÖ=íÜÉ=éìÄäáÅäó= ~î~áä~ÄäÉ=ÇçÅìãÉåí~íáçå=Ñêçã=íÜÉ=îÉåÇçê=çÑ=íÜÉ=éêçÇìÅíK=cçê=É~ÅÜ=Å~íÉÖçêóI= qÜÉ=qçääó=dêçìé=ÉåÖáåÉÉêë=íÜÉå=~ëëáÖåÉÇ=~=ëìÄàÉÅíáîÉ=ëÅçêÉ=çå=~=ëÅ~äÉ=çÑ=N= EäÉ~ëí=ÉÑÑÉÅíáîÉF=íç=Q=Eãçëí=ÉÑÑÉÅíáîÉKF=aÉí~áäÉÇ=êÉëìäíë=ìåÇÉê=É~ÅÜ=Å~íÉÖçêó= ~êÉ=éêÉëÉåíÉÇ=áå=íÜÉ=ÑçääçïáåÖ=ëÉÅíáçåëK rë~Äáäáíó=ÅêáíÉêá~=ïÉêÉ=íÉëíÉÇ=Äó=ä~ìåÅÜáåÖ=íÜÉ=ã~å~ÖÉãÉåí=áåíÉêÑ~ÅÉ=~åÇ= çÄëÉêîáåÖ=íÜÉ=Å~é~ÄáäáíáÉë=çÑ=É~ÅÜ=ëóëíÉãK=qÜÉ=ëìÄàÉÅíáîÉ=ìë~ÄáäáíóI=ä~óçìí= ~åÇ=çîÉê~ää=ÉÑÑÉÅíáîÉåÉëë=çÑ=É~ÅÜ=ÑÉ~íìêÉ=Ü~ë=ÄÉÉå=~ëëáÖåÉÇ=~=î~äìÉ=ê~åÖJ áåÖ=Ñêçã=NI=äÉ~ëí=ÉÑÑÉÅíáîÉ=íç=QI=ãçëí=ÉÑÑÉÅíáîÉ=íç=áåÇáÅ~íÉ=íÜÉ=qçääó=ÉåÖáåÉÉêë= áãéêÉëëáçå=çÑ=É~ÅÜ=çÑ=íÜÉ=ìåáíë=íÉëíÉÇK= «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========PN
  32. 32. T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P Interaction with Competing Vendors Fair Testing Charter ™ ~åÇ=fåíÉê~Åíáçå=ïáíÜ=`çãéÉíáíçêë In accordance with The Tolly Group’s process, competitors were contacted and invited to participate in the test - to review the test plans, the product levels and configurations of their prod- ucts and to review and comment on their results. For more information on this process, please see: http://www.Tolly.com/FTC.aspx. Cisco Systems Inc., and Blue Coat Systems did not respond to the invitation. Trend Micro, Inc. and Secure Computing Corporation agreed to par- ticipate in the test, and were provided with a test plan. At the completion of testing, The Tolly Group provided Trend Micro and Secure Computing with the results of their products, and requested to provide comments. Secure Computing did not provide official comments on their results. Trend Micro representatives provided the following comments: Trend Micro's most current secure web gateway product, InterScan Web Security Virtual Appliance v3.1 (IWSVA), was not used in this test. The IWSVA product has improved functionality over the tested product (IWSS) in the following areas: 1. Implementation Model: IWSVA supports bi-direction transparent bridging so that no client or network re-configuration is needed. 2. Malware Detection: additional capabilities have been added to the IWSVA product to ensure the highest possible content-based malware detection rates, further enhancing the URL reputation-based malware detection already in the product. 3. Performance and Throughput: IWSVA running on a standard off-the-shelf 8- core server can support up to 10,000 users with full scanning and no notice- able latency. «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========PO
  33. 33. T T H H E E WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting TOLLY Secure Web Gateways GROU P Appendix: Product List Source: The Tolly Group, November 2008 Figure 14 «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========PP
  34. 34. Terms of Usage USE THIS DOCUMENT ONLY IF YOU AGREE TO THE TERMS LISTED HEREIN. = This document is provided, free-of-charge, to help you understand whether a given product, technology or service merits addi- tional investigation for your particular needs. Any decision to purchase must be based on your own assessment of suitability. This evaluation was focused on illustrating specific features and/or performance of the product(s) and was conducted under con- trolled, laboratory conditions and certain tests may have been tailored to reflect performance under ideal conditions; performance may vary under real-world conditions. Users should run tests based on their own real-world scenarios to validate performance for their own networks. Commercially reasonable efforts were made to ensure the accuracy of the data contained herein but errors and/or oversights can occur. In no event shall The Tolly Group be liable for damages of any kind including direct, indirect, special, incidental and consequential damages which may result from the use of information contained in this document The test/audit documented herein may also rely on various test tools the accuracy of which is beyond our control. Furthermore, the document relies on certain representations by the sponsor that are beyond our control to verify. Among these is that the software/hardware tested is production or production track and is, or will be, available in equivalent or better form to commercial customers. When foreign translations exist, the English document is considered authoritative. To assure accuracy, only use documents downloaded directly from The Tolly Group’s Web site. All trademarks are the property of their respective owners. qÜÉ=qçääó=dêçìé=áë=~=äÉ~ÇáåÖ=ÖäçÄ~ä=éêçîáÇÉê=çÑ=íÜáêÇJ é~êíó=î~äáÇ~íáçå=ëÉêîáÅÉë=Ñçê=îÉåÇçêë=çÑ=fq=éêçÇìÅíëI= ÅçãéçåÉåíë=~åÇ=ëÉêîáÅÉëK qÜÉ=Åçãé~åó=áë=Ä~ëÉÇ=áå=_çÅ~=o~íçåI=ci=~åÇ=Å~å=ÄÉ= êÉ~ÅÜÉÇ=Äó=éÜçåÉ=~í==ERSNF=PVNJRSNMI=çê=îá~=íÜÉ=fåíÉêJ åÉí=~í ÜííéWLLïïïKíçääóKÅçãI=ë~äÉë]íçääóKÅçã= båíáêÉ=`çåíÉåíë=`çéóêáÖÜí=OMMU=Äó= qÜÉ=qçääó=dêçìéI=fåÅK ^ii=ofdeqp=obpbosba OMUPOSJñÑÅÑëNJââJMOaÉÅMU «=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========PQ

×