The document provides an overview of the Gartner Magic Quadrant report. It explains that the Magic Quadrant evaluates vendors in a specific market based on completeness of vision and ability to execute. It then summarizes the first three leaders in the 2014 report for secure web gateways: Blue Coat Systems, Cisco, and Websense. For each, it briefly describes the company and products, and highlights strengths and cautions identified in the report.
Make presence in a building or area a policy in accessing network resources by integrating physical and network access through the Trusted Computing Group's IF-MAP communications standard.
Make presence in a building or area a policy in accessing network resources by integrating physical and network access through the Trusted Computing Group's IF-MAP communications standard.
PwC industry expert, Josh McKibben, helps us break down what a breach is truly comprised of, analyze key breaches as examples, and look for lessons you can bring back to your organization to avoid being the next headline.
CompTIA Managed Services Community Meeting: ChannelCon 2013CompTIA
The CompTIA Managed Services Community focuses on the creation of industry standards and resources to improve managed services marketing and delivery. The group was created to provide networking opportunities among thought leaders, develop managed IT services-specific programs and tools, and generate member-driven initiatives.
Established in 1999 Secon Cyber have a long standing experience of providing class leading cyber security solutions to customers ranging from small to large enterprises.
We continuously strive to innovate and develop solutions to enable our customers and partners to work, play and live safely in the connected world. As part of this commitment we have developed our own Managed Detection and Response Service.
In this session David King will discuss the benefits of an MDR service over a traditional MSSP or SIEM solution.
MDR-SOC is a cybersecurity framework services | Ampcus IncUnified11
MDR-SOC is high performance, scalable, and uses Apache Metron as its base platform with C/C++ and Python as its core components. It indexes and searches log and other data in near real-time.
Network security is a dynamic art, with dangers appearing as fast as black hats can exploit vulnerabilities. While there are basic “golden rules” which can make life difficult for the bad guys, it remains a challenge to keep networks secure. John Chambers, Executive Chairman of Cisco, famously said “there are two types of companies: those that have been hacked, and those who don’t know they have been hacked”. The question for most organizations isn’t if they’re going to be breached, but how quickly they can isolate and mitigate the threat. In this paper, we’ll examine best practices for effective cybersecurity – from both a proactive (access hardening) and reactive (threat isolation and mitigation) perspective. We’ll address how network automation can help minimize cyberattacks by closing vulnerability gaps and how it can improve incident response times in the event of a cyberthreat. Finally, we’ll lay a vision for continuous network security, to explore how machine-to-machine automation may deliver an auto-securing and self-healing network.
Go to www.esgjrconsultinginc.com
MYTHBUSTERS: Can You Secure Payments in the Cloud?Kurt Hagerman
Discussion of if and how you can secure payments in the cloud. Covers the issue, compliance considerations, regulatory changes and their impact, and provides a rationale for using a cloud to decouple your payments processes from your legacy infrastructure.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.Scalar Decisions
Simon Wong and Chris Cram, Scalar security experts, discuss how Palo Alto Networks technology disrupts the entire malware kill chain. Attendees will also gain insight on flexible deployment options to better serve their mobile users, and how to get the most out of their Palo Alto Networks deployment.
Network Access Control, or NAC, solutions enhance network security by reducing the likelihood of unauthorized access and mitigating several threats and vulnerabilities. With a NAC, you can define and implement security policies that allow client machines access to network resources only when certain conditions are met.
Read how Synoptek has proven to be an excellent partner for the companies looking to minimize security risk levels and has helped them take preventive and protective measures.
In an ever-changing technology landscape, SD-WAN has emerged as a leading technology to drive IT efficiency. Innovation, market convergence, and a noisy product landscape have made the marketplace more complex than it needs to be. Learn why a managed approach makes things easier and is considered a best practice by many.
Cloud security From Infrastructure to People-wareTzar Umang
Understand Cloud Security in every level from infrastructure to people ware via understanding threats, hardening your servers and creating policies that will users be guided on securing themselves.
Companies are struggling to deal with the unstoppable growth of cyber-attacks as hackers get faster, sneakier and more creative. The bad news is - no company is immune, no matter how big or small you are. Without a proper understanding of zero-day threats, companies have no way of exposing the gaps of overhyped security solutions.
Zero-day exploit leaves NO opportunity for detection. This presentation will highlight critical insights combating zero-day threats.
Large Enterprises have a surprising number of access credentials un-accounted for. Finding, matching, and deleting excess credentials is a hard problem solved by True_Identity Enterprise Identity Matching.
The Zero Trust Model of information #security simplifies how #information security is conceptualized by assuming there are no longer “trusted” interfaces, applications, traffic, networks, or users. It takes the old model— “trust but verify”—and inverts it, because recent breaches have proven that when an organization trusts, it doesn’t verify
PwC industry expert, Josh McKibben, helps us break down what a breach is truly comprised of, analyze key breaches as examples, and look for lessons you can bring back to your organization to avoid being the next headline.
CompTIA Managed Services Community Meeting: ChannelCon 2013CompTIA
The CompTIA Managed Services Community focuses on the creation of industry standards and resources to improve managed services marketing and delivery. The group was created to provide networking opportunities among thought leaders, develop managed IT services-specific programs and tools, and generate member-driven initiatives.
Established in 1999 Secon Cyber have a long standing experience of providing class leading cyber security solutions to customers ranging from small to large enterprises.
We continuously strive to innovate and develop solutions to enable our customers and partners to work, play and live safely in the connected world. As part of this commitment we have developed our own Managed Detection and Response Service.
In this session David King will discuss the benefits of an MDR service over a traditional MSSP or SIEM solution.
MDR-SOC is a cybersecurity framework services | Ampcus IncUnified11
MDR-SOC is high performance, scalable, and uses Apache Metron as its base platform with C/C++ and Python as its core components. It indexes and searches log and other data in near real-time.
Network security is a dynamic art, with dangers appearing as fast as black hats can exploit vulnerabilities. While there are basic “golden rules” which can make life difficult for the bad guys, it remains a challenge to keep networks secure. John Chambers, Executive Chairman of Cisco, famously said “there are two types of companies: those that have been hacked, and those who don’t know they have been hacked”. The question for most organizations isn’t if they’re going to be breached, but how quickly they can isolate and mitigate the threat. In this paper, we’ll examine best practices for effective cybersecurity – from both a proactive (access hardening) and reactive (threat isolation and mitigation) perspective. We’ll address how network automation can help minimize cyberattacks by closing vulnerability gaps and how it can improve incident response times in the event of a cyberthreat. Finally, we’ll lay a vision for continuous network security, to explore how machine-to-machine automation may deliver an auto-securing and self-healing network.
Go to www.esgjrconsultinginc.com
MYTHBUSTERS: Can You Secure Payments in the Cloud?Kurt Hagerman
Discussion of if and how you can secure payments in the cloud. Covers the issue, compliance considerations, regulatory changes and their impact, and provides a rationale for using a cloud to decouple your payments processes from your legacy infrastructure.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.Scalar Decisions
Simon Wong and Chris Cram, Scalar security experts, discuss how Palo Alto Networks technology disrupts the entire malware kill chain. Attendees will also gain insight on flexible deployment options to better serve their mobile users, and how to get the most out of their Palo Alto Networks deployment.
Network Access Control, or NAC, solutions enhance network security by reducing the likelihood of unauthorized access and mitigating several threats and vulnerabilities. With a NAC, you can define and implement security policies that allow client machines access to network resources only when certain conditions are met.
Read how Synoptek has proven to be an excellent partner for the companies looking to minimize security risk levels and has helped them take preventive and protective measures.
In an ever-changing technology landscape, SD-WAN has emerged as a leading technology to drive IT efficiency. Innovation, market convergence, and a noisy product landscape have made the marketplace more complex than it needs to be. Learn why a managed approach makes things easier and is considered a best practice by many.
Cloud security From Infrastructure to People-wareTzar Umang
Understand Cloud Security in every level from infrastructure to people ware via understanding threats, hardening your servers and creating policies that will users be guided on securing themselves.
Companies are struggling to deal with the unstoppable growth of cyber-attacks as hackers get faster, sneakier and more creative. The bad news is - no company is immune, no matter how big or small you are. Without a proper understanding of zero-day threats, companies have no way of exposing the gaps of overhyped security solutions.
Zero-day exploit leaves NO opportunity for detection. This presentation will highlight critical insights combating zero-day threats.
Large Enterprises have a surprising number of access credentials un-accounted for. Finding, matching, and deleting excess credentials is a hard problem solved by True_Identity Enterprise Identity Matching.
The Zero Trust Model of information #security simplifies how #information security is conceptualized by assuming there are no longer “trusted” interfaces, applications, traffic, networks, or users. It takes the old model— “trust but verify”—and inverts it, because recent breaches have proven that when an organization trusts, it doesn’t verify
Kemp Technologies rises on Gartner's Magical Quadrant for ADCKappa Data
KEMP Technologies has been included in the Gartner 2016 Magic Quadrant for Application Delivery Controllers (ADCs) for the fourth consecutive year and listed as a Visionary for the second consecutive year. KEMP has also been included in the inaugural release of Gartner Critical Capabilities research for the ADC market. Available at Kappa Data, your preferred Value Added Distributor in Benelux.
Happiest Minds have worked extensively with Industrial and Manufacturing companies to provide customized and value rich IoT consulting and product assessment services. Our comprehensive tools and frameworks combined with our talent rich pool of IoT consultants have helped shape the IoT journeys of our customers.
The Cloud Catalyst programme intends to accelerate the usage and adoption of Cloud computing solutions by providing a clear approach to the enterprises
Symantec's London vision 2014 event more details emerge on the company splitLluis Altes
IDC attended Symantec's Vision 2014 symposium which took place in London on October 21–22. During the event, a team of Symantec's top executives discussed the rationale behind the decision to separate Symantec into two public companies — one company grouping Symantec's security business and the other focused on information management. The executives also presented the company's strategy going forward in terms of product and services updates in the unified security solutions and unified information management areas. Symantec devoted the second day of the event to discuss with partners market trends and opportunities and how the company split should bring benefits to the company and its partners.
The decision to separate Symantec into two independent public companies was announced on October 9 and is expected to be completed by the end of December 2015. Last year, Symantec's global revenues stood at $6.7 billion; after the split the new security focused Symantec is estimated to be a $4.2 billion business accounting for approximately 62% of Symantec's current total business, with the new information management company expected to account for the remaining $2.5 billion in revenue.
Preview delle ultime novità di prodotto Sourcefire IPS Entriamo in dettaglio delle novità di prodotto annunciate da Sourcefire nell\’ultimo mese, incluso:
New 3D8000 Series Sensors with FirePOWER
New Defense Center Models
New IPSx Solution
Gartner has identified the top 10 strategic technology trends for 2014. Take a look ahead at the strategic trends that have high potential to disrupt IT or the business in the next three years. Discover the technologies that may require major financial investments and the ones you cannot afford to miss.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
"Impact of front-end architecture on development cost", Viktor TurskyiFwdays
I have heard many times that architecture is not important for the front-end. Also, many times I have seen how developers implement features on the front-end just following the standard rules for a framework and think that this is enough to successfully launch the project, and then the project fails. How to prevent this and what approach to choose? I have launched dozens of complex projects and during the talk we will analyze which approaches have worked for me and which have not.
Let's dive deeper into the world of ODC! Ricardo Alves (OutSystems) will join us to tell all about the new Data Fabric. After that, Sezen de Bruijn (OutSystems) will get into the details on how to best design a sturdy architecture within ODC.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Leaders of Gartner Magic Quadrant 2014 for Secure Web Gateways
1. Overview:
What is Gartner Magic Quadrant?
How do I use a Gartner Magic Quadrant?
How does a Gartner Magic Quadrant Work?
How can a Gartner Magic Quadrant help me?
What are the new Gartner Magic Quadrant Enhancements?
What is a Gartner Magic Quadrant for Secure Web Gateways?
A brief on the first three leaders of the latest Gartner report magic Quadrant
2014 in the web security field?
What are the first three leaders of a Gartner Magic Quadrant 2014 report
Strengths & Cautions?
By: Tarek Nader
2. What is Gartner Magic Quadrant?
• The Gartner Magic Quadrant (MQ) is the brand name for a series of market research reports published by Gartner Inc. a US-
based research and advisory firm.
• A Gartner Magic Quadrant is a culmination of research in a specific market, giving you a wide-angle view of the relative
positions of the market's competitors.
• According to Gartner, the Magic Quadrant aims to provide a qualitative analysis into a market and its direction, maturity and
participants.
• By applying a graphical treatment and a uniform set of evaluation criteria, a Magic Quadrant helps you quickly ascertain how
well technology providers are executing their stated visions and how well they are performing against Gartner's market view.
• Their analyses are conducted for several specific technology industries and are updated
every 1–2 years.
3. How do I use a Gartner Magic Quadrant?
Use a Gartner Magic Quadrant as a first step to understanding the technology providers you might consider for a specific
investment opportunity.
• Keep in mind that focusing on the leaders' quadrant isn't always the best course of action.
• There are good reasons to consider market challengers. And a niche player may support your needs better than a market
leader.
• It all depends on how the provider aligns with your business goals.
4. How does a Gartner Magic Quadrant Work?
Gartner rates vendors upon two criteria: completeness of vision and ability to execute. Using a methodology which Gartner
does not disclose, these component scores lead to a vendor position in one of four quadrants:
Leaders are said to score higher on both criteria: the ability to execute and completeness of vision. These are said to be
typically larger, mature businesses.
Challengers are said to score higher on the ability to execute and lower on the completeness of vision. Typically larger, settled
businesses with what Gartner claims to be minimal future plans for that industry.
Visionaries are said to score lower on the ability to execute and higher on the completeness of vision. Typically smaller
companies.
Niche players are said to score lower on both criteria: the ability to execute and
completeness of vision. Typically new additions to the Magic Quadrant.
5. Magic Quadrants help you:
Get quickly educated about a market's competing technology providers and their ability to deliver on what end users require
today and in the future
Understand how a market's technology providers are competitively positioned and the strategies they are using to compete for
end-user business
Compare a technology provider's strengths and challenges with your specific needs
6. The new Gartner Magic Quadrant Enhancements:
Additional Perspectives
1. New contextual perspectives for key markets that provide critical insight by industry, company size or geography.
2. Connection to a new, interactive Critical Capabilities tool, with features that enable deeper understanding of products and
services and vendors in a market.
3. Customization of both the Magic Quadrant and the Critical Capabilities allowing for a personalized view of the market and
usage scenarios providing deeper insight aligned to your needs.
It's the same trusted Gartner methodology you've come to rely on, with the flexibility to tailor the analysis to your unique
business needs.
This enhancement provides analyst commentary on the market and notable vendors from key client contexts.
7. Insight into markets and vendors, year-over-year views and ability to customize aligned to your unique needs.
I. Gain Deeper Insight for Your Unique Needs
8. Provides market direction, technology selection, and vendors to consider from an industry, region or company-size perspective.
II. Additional Perspectives
9. III. Gartner Critical Capabilities
The insights of the interactive Magic Quadrant, when combined with a companion interactive Critical Capabilities, enable
deeper analysis into product or service functionality.
10. IV. Magic Quadrant home page on My Gartner
Search and browse Gartner Magic Quadrants or Critical Capabilities by vendor, topic or industry.
11. Magic Quadrant for Secure Web Gateways
By: Analyst(s): Lawrence Orans, Peter Firstbrook
The SWG market is evolving rapidly as vendors respond to the mobility trend and the evolving threat landscape. SWG vendors are highly
differentiated in their ability to deliver cloud-based services, and to protect users with advanced threat defense features.
Market Definition/Description:
Secure Web gateways (SWGs) utilize URL filtering, advanced threat defense, legacy malware protection and application
control technologies to defend users from Internet-borne threats, and to help enterprises enforce Internet policy compliance.
SWGs are delivered as on-premises appliances (hardware and virtual) or cloud-based services.
Vendors differ greatly in the maturity and features of their cloud-based services, and in their ability to protect enterprises
from advanced threats.
Gartner estimates that, in 2013, 77% of SWG implementations were on-premises and 23% were cloud-based. Comparing
these values to those from 2012 (86% on-premises and 14% cloud) indicates that. cloud-based services are growing more
quickly than on-premises appliances.
The market for cloud-based SWG services is far from mature.
The evolving threat landscape has forced SWG vendors to respond by adding technologies to defend against advanced threats.
There are several techniques for combating advanced threats, and sandboxing has emerged as the most commonly
implemented approach by SWG vendors in 2013 and 2014.
Some have implemented sandboxing with separate on-premises appliances, whereas others have taken a cloud-based
approach.
12. A brief on the first 3 leaders of the latest Gartner report magic Quadrant 2014 in the web security field:
In the first place: Blue Coat Systems
Blue Coat Systems Inc., formerly CacheFlow, based in Sunnyvale, California, United States is a provider of security and
networking solutions.
In February 2012, Blue Coat was acquired by private equity investment firm Thoma Bravo for $1.3 billion and began
operating as a privately held company.
Blue Coat provides products to more than 15,000 customers worldwide.
Since the acquisition, Blue Coat acquired several security companies, including
I. Netronome (SSL appliances) in May 2013
II. Solera Networks (full packet capture for network forensics) in May 2013
III.Norman Shark (appliance based sandbox) in December 2013.
Blue Coat also introduced the Content Analysis System (CAS), an internally developed malware detection appliance that
analyzes traffic forwarded to it by Blue Coat's ProxySG.
In addition to its appliance-based offerings, Blue Coat offers a cloud-based SWG service.
Blue Coat's appliances are good candidates for most large-enterprise customers, particularly those requiring highly scalable
SWGs.
Blue Coat's cloud service is a good option for most enterprises.
13. Strengths:
The ProxySG is the strongest proxy in the market in terms of breadth of protocols and the number of advanced features. It
supports a broad set of protocols as well as extensive authentication and directory integration options.
Blue Coat has made good progress in integrating the products that it has acquired.
For example, its CAS (Content Analysis System) can automatically deposit suspicious files in the Malware Analysis
Appliance (sandbox).
The CAS also integrates with FireEye's Web Malware Protection System (MPS; however, the CAS does not yet integrate
with FireEye's NX series, which is the updated version of the MPS).
The Security Analytics solution (Solera Networks technology) integrates with the Malware Analysis Appliance (Norman
Shark technology) and provides a forensic analysis of packets associated with a suspicious file.
Blue Coat's cloud offering includes multitenant IPsec gateways, which enable it to support a wide range of mobile devices.
Blue Coat agents are available for Windows, Mac OS X, Apple iOS and Android.
Cautions:
Because Blue Coat's advanced threat defense solution requires multiple components, it is expensive.
The ProxySG does not deposit suspicious files in the Malware Analysis Appliance.
Customers must purchase the CAS if they want to automatically detect suspicious files and analyze them in the Malware
Analysis Appliance.
Blue Coat's hybrid implementation of its cloud and on-premises offerings is incomplete.
Policy synchronization is not bidirectional (it supports synchronization only from the cloud to on-premises appliances).
Downloading logs from the cloud to on-premises appliances can be scheduled only hourly.
Blue Coat's Reporter application lacks severity indicators for prioritizing alerts.
14. In the second place: Cisco
Cisco Systems, Inc. is an American multinational corporation headquartered in San Jose, California, that designs, manufactures, and sells
networking equipment.
Cisco offers the appliance-based Web Security Appliance (WSA) and the cloud-based Cloud Web Security (CWS) service.
The WSAs are implemented as proxies.
Cisco's WSA products are good options for most midsize and large enterprises, while the CWS service is a good option for
most enterprises.
Cisco acquired a variety of companies to spin products and talent into the company. A total of 160 companies have been
acquired as of July 27, 2014.
A total of 160 companies have been acquired as of July 27, 2014.
I. In October 2013, Cisco acquired cyber-security firm Sourcefire.
II. In June 16, 2014, Cisco announced that it has completed the acquisition of threatGRID, whose primary offering is a cloud-based
sandboxing service.
15. Strengths:
Cisco has integrated a traffic redirection feature - a critical component of any cloud service into some of its on-premises
equipment.
The ASA firewall, Integrated Services Router (ISR) Generation 2 and WSA all support Cisco's "connector" software, which
directs traffic to the CWS service.
Mobile platform support is a strength of the CWS service for customers that have already implemented Cisco's popular
AnyConnect client. The cloud service supports Windows, Mac OS X, Apple iOS, Android, Windows Phone 8 and
BlackBerry.
Sourcefire's Advanced Malware Protection (AMP) technology is available as an option on Cisco's WSA and CWS service
(separate license fees apply).
Cisco's intended acquisition of ThreatGRID and its sandboxing technology will complement the file-based advanced threat
defense technology that it acquired from Sourcefire.
Gartner expects that Cisco will integrate the WSA with a ThreatGRID-based appliance (but not before 2015), so that
suspicious files can be further analyzed in a sandbox environment.
The combination of file-based and sandboxing technologies should reduce false positives and improve the accuracy of
malware and advanced threat detection.
16. Cautions:
Cisco has been slow to integrate its cloud-based SWG (ScanSafe acquisition of 2009) with its on premises SWG (IronPort
acquisition of 2007).
Customers seeking a hybrid cloud/on-premises solution will need two consoles.
1. The consoles lack policy synchronization (to share policies between cloud and on-premises users).
2. Log synchronization is not configurable by the customer, but on customer request, Cisco can automate log synchronization
up to four times per day.
The CTA (Cisco Trust Agent) capability is not available to WSA customers. Only CWS customers can utilize the CTA
functionality.
Getting maximum value from AMP (Advanced Malware Protection, From Sourcefire) requires implementing FireAMP
Connector agents on network endpoints. The FireAMP Connectors are optional, but without them, the AMP-integrated SWG
provides reduced monitoring and investigative functionality.
Cisco's cloud service has a surprisingly small global footprint (15 countries), given Cisco's resources and the number of years
it has been in the SWG market. Newer rivals have been more aggressive in global expansion.
The cloud service also lacks support for IPsec.
17. In the third place: Websense
Websense was founded by Phil Trubey in 1994, and went public in the year 2000.
Websense is a San Diego-based company specializing in computer security software.
Websense was acquired by private equity firm Vista Equity Partners in June 2013.
In 2014, Websense began moving its headquarters from San Diego to Austin, Texas.
Websense offers SWG appliances (hardware and software) and a cloud-based service.
In October 2013, it announced RiskVision, an appliance that forwards suspicious files to Websense's cloud-based sandbox
(known as ThreatScope).
Websense appliances are good options for midsize enterprises, and its cloud service is a good option for most enterprises.
Strengths:
Websense has a strong offering for organizations that are interested in a hybrid SWG strategy (on-premises and cloud-based).
Its Triton management console (Real-time web content analysis and malware protection of the Web Security Gateway)
provides a common point for policy management, reporting and logging in hybrid environments.
Websense's Web Security Gateway automatically deposits suspicious files in the ThreatScope cloud sandbox, which was
developed in-house by Websense.
18. Websense has extended its DLP “Data Loss Prevention” technology to its cloud service. The deep packet inspection
capabilities of its DLP technology are used to inspect outbound traffic for malware behavior. This feature, which was
previously only available on Websense appliances, does not require a DLP license.
The Websense cloud service supports multiple options for traffic redirection (including IPsec), and multiple options for user
authentication (including SAML v2).
Cautions:
Websense's SWG product portfolio limits the vendor to a primarily midmarket customer base.
Websense continues to experience challenges with its service and support organization, based on feedback Gartner has
gathered from several Websense customers. Gartner believes that some of the support issues were the result of disruption
associated with Websense's corporate relocation to Texas.
Prospective customers should verify SLA commitments with Websense's service and support organization.
The console for the cloud-only service is different from Websense's Triton console, which is used to manage the hybrid and
on-premises solutions. Customers that begin with a cloud-only service and add appliances later (for example, to improve
responsiveness in bottleneck locations) would need to switch to the Triton console.