Email Security Overview


Published on

Published in: Education, Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Email Security Overview

  2. 2. Websense Email Security Solutions Overview Challenge The nature of email threats has changed over the past few years. Gone are the days when email security, better known as anti-spam, was primarily tasked with blocking based on volume and scanning for email-borne viruses. The signature-based techniques used in early solutions, while still a viable part of a multi-layered strategy, are simply not capable of protecting organizations from the highly targeted, blended attacks of today. In February 2012 IDC stated, “Signature-based tools are only effective against 30–50% of current security threats.” Solution Read the cybercrime blogs and it’s evident that email is still a major attack vector. But read further and you’ll find that a large percentage of the attacks are actually perpetrated via the web. The takeaway is email facilitates the attack and web actually performs the actions. A modern security approach therefore requires both web and email channels be evaluated with a strong cross-pollination of information between the two. Websense® email security solutions are built on our core TRITON® technologies: • Gateway Threat Analysis leverages security intelligence from the Websense ThreatSeeker® Intelligence Cloud and Websense ACE (Advanced Classification Engine) — collecting data from more than 900 million endpoints and analyzing up to 5 billion requests per day — to thwart advanced malware, spam, and blended threats. • Point-of-Click Threat Analysis sandboxes suspicious links embedded in emails at the recipient’s point-of-click. • Behavioral File Sandboxing analyzes suspicious files attached to email. • Built-in Data Loss Prevention (DLP) monitors and prevents sensitive data such as product roadmaps or customers’ personally identifiable information (PII) from leaving the corporate network via email. ThreatSeeker Intelligence Cloud™ URL ANALYSIS THREAT DATA Internet Email Unfiltered Outbound Email Clean and Policy Compliant CONTENT ANALYSIS Malware Spyware Filters Spam Filters Unwanted Email Quarantined PAYLOAD ANALYSIS Inbound Email Clean and Policy Compliant Adaptive Learning Network & Reputation Analysis INTERNET EVENT CORRELATION Content Filters Outbound Email Unfiltered
  3. 3. Websense Email Security Solutions Overview Features The Websense Difference ACE uses composite scoring with predictive analysis. Combined with classifiers for real-time security, data and content analysis — the result of point to dynamic-IP botnets or web pages that host dynamic code — two techniques that may elude even the most robust gateway malware analysis. years of research and development — they enable For example, an email sent at midnight may ACE to detect more threats than traditional anti- contain a link to a web page that was harmless on virus engines every day (the proof is updated the initial security scan at the gateway. However, weekly at ACE is the the same web page may include injected primary engine behind all TRITON solutions, and malicious code when the recipient clicks on the is supported by the ThreatSeeker Intelligence link the following morning. URL Sandboxing Cloud, which collects data from more than 900 helps thwart web pages hosting dynamic code million endpoints and analyzes up to 5 billion injections that have bypassed initial gateway requests every day. analysis. Gateway Threat Analysis Behavioral File Sandboxing Advanced Malware Protection Email File Sandboxing ACE analyzes inbound and outbound email for Suspicious file attachments are scanned in a malware, spyware, and targeted and blended cloud-based behavioral sandbox to protect threats. With real-time composite risk scoring, against the latest, and most dangerous, zero-day anti-malware engines, and security intelligence and advanced persistent threats (APTs). from the ThreatSeeker Intelligence Cloud, protection is provided against known and unknown threats within email. Accurate Spam Detection Websense provides highly accurate spam Forensic Reporting Actionable reports that describe the system changes made and network communications used by the malware are automatically delivered to administrators. blocking with very low false positives that is backed by a 99 percent or higher SLA. A combination of identification technologies is used, including: sender reputation, connection management, adaptive learning, URL analysis, heuristics, suspicious PDF identification and optical recognition of image spam. Built-in Data Loss Prevention (DLP) Policy Templates and Dictionaries Pre-defined dictionaries in multiple topics and languages plus built-in PCI-DSS and data privacy Point-of-Click Threat Analysis templates help you quickly identify and stop URL Sandboxing Flexible Encryption Isolates suspicious links embedded in emails and Protect sensitive and regulated data by securing analyzes the payload of the corresponding web email through TLS encryption for server-to- page at the recipient’s point-of-click. Modern server protection. Advanced Email Encryption phishing attacks succeed primarily because (optional) secures the email and any attachments phishing emails now contain embedded links that from sender to recipient. email policy violations and meet regulatory requirements.
  4. 4. Websense Email Security Solutions Overview Deployment Models Websense offers multiple deployment models for email security, so that you get to choose which method makes the most sense for your organization. Cloud Cloud: An in-the-cloud email security solution saves time and money with no equipment to install or maintain, built-in resilience, predictable costs and reduced administrative overhead. Protecting email with Websense is easy. Simply point MX records to the Websense data centers and email is cleansed before it reaches your network, saving bandwidth by removing spam and threats in the cloud. Websense data centers are • Load balanced • Redundant • Located worldwide The service provides an SLA-backed availability of 99.999 percent and is certified to ISO27001 standards to provide the highest degree of global and localized security, privacy and confidentiality. Appliance Appliance: Maximum control of all policies and reporting with an on-premises appliance. The Websense V-Series™ appliances are high-performance, preconfigured, security-hardened hardware platforms designed to support flexible deployment of the leading Websense web, email, and data security solutions. The physical appliances are available in two models: • Websense V10000: For headquarters and large office deployments. • Websense V5000: For branch office and medium business deployments. A virtual appliance is also available: • Websense ESGv – Virtual appliance in OVF format. Hybrid Hybrid: Integrates in-the-cloud deployment with an appliance for an optimal balance between scalability and control.
  5. 5. Websense Email Security Solutions Overview Product Comparison Feature Deployment Model Cloud Email Security & Content Control (CES & CC) Email Security Gateway Email Security Gateway Anywhere (ESGA) Cloud Appliance Hybrid Websense ACE (Advanced Classification Engine) Multiple Anti-Malware Engines Anti-Spam and Anti-Phishing URL Sandboxing* File Sandboxing* Phishing Education and Reporting* In-the-Cloud Spam Filtering Service Level Agreements (SLAs) Data Loss Prevention for Email TLS Encryption Advanced Email Encryption* Image Analysis/Virtual Image Analyzer* Managed Through TRITON Console Virtual Appliance Option *Optional Add-On Learn more at | +1 800-723-1166 | TRITON STOPS MORE THREATS. WE CAN PROVE IT. © 2013 Websense, Inc. All rights reserved. Websense, TRITON and the Websense logo are registered trademarks of Websense, Inc. in the United States and various countries. All other trademarks are the properties of their respective owners. EmailSecuritySolutions 11-05-13ENG.