- The computer analyzed a programming language translation program and identified errors.
- It found issues with the syntax parser and translator components.
- The programming language program was modified to address these issues and improve performance.
This document provides an overview and agenda for a presentation on cloud computing technologies and the cloud services model. It discusses different categories of cloud services including Software as a Service (SaaS), Platform as a Service (PaaS), and Infrastructure as a Service (IaaS). Specific examples are provided for each category. The presentation also covers technological developments in cloud computing and the transition to cloud-based services and applications.
The document provides details about a live show on Saturday from 21:00-22:00. It includes sections about the contents and schedule of the show, which involves breaks with different activities. The target audience is people aged 18-45.
The document provides an introduction to PHP programming. It discusses PHP basics like syntax and variables, learning resources like tutorials and documentation references, and advanced PHP topics for more experienced developers like functions, arrays, and object-oriented programming. The goal is to help new PHP programmers learn the language and give them guidance on where to go to continue developing their skills.
The document appears to be technical or coded text and does not contain any discernible sentences, paragraphs or other structural elements. It consists of special characters, punctuation and letters without spaces or punctuation. As such, it is not possible to provide a concise multi-sentence summary of its content or meaning.
The document provides a biography of Chun Tae-il in 3 paragraphs. It details his birthdate and place in 2490, his education from 2503-2513, and his career as a writer from 2520 onwards focusing on documenting Korean folktales and history.
The document summarizes security data from Secunia regarding vulnerabilities in software products. Some key findings include:
- The total number of vulnerabilities detected in 2013 was 13,073, a 45% increase over 5 years.
- 16.3% of vulnerabilities were highly critical and 0.4% were extremely critical.
- The top attack vector was remote network access (73.5% of vulnerabilities).
- Vulnerabilities in third-party software accounted for 75.7% of vulnerabilities in the top 50 most common software products.
- The computer analyzed a programming language translation program and identified errors.
- It found issues with the syntax parser and translator components.
- The programming language program was modified to address these issues and improve performance.
This document provides an overview and agenda for a presentation on cloud computing technologies and the cloud services model. It discusses different categories of cloud services including Software as a Service (SaaS), Platform as a Service (PaaS), and Infrastructure as a Service (IaaS). Specific examples are provided for each category. The presentation also covers technological developments in cloud computing and the transition to cloud-based services and applications.
The document provides details about a live show on Saturday from 21:00-22:00. It includes sections about the contents and schedule of the show, which involves breaks with different activities. The target audience is people aged 18-45.
The document provides an introduction to PHP programming. It discusses PHP basics like syntax and variables, learning resources like tutorials and documentation references, and advanced PHP topics for more experienced developers like functions, arrays, and object-oriented programming. The goal is to help new PHP programmers learn the language and give them guidance on where to go to continue developing their skills.
The document appears to be technical or coded text and does not contain any discernible sentences, paragraphs or other structural elements. It consists of special characters, punctuation and letters without spaces or punctuation. As such, it is not possible to provide a concise multi-sentence summary of its content or meaning.
The document provides a biography of Chun Tae-il in 3 paragraphs. It details his birthdate and place in 2490, his education from 2503-2513, and his career as a writer from 2520 onwards focusing on documenting Korean folktales and history.
The document summarizes security data from Secunia regarding vulnerabilities in software products. Some key findings include:
- The total number of vulnerabilities detected in 2013 was 13,073, a 45% increase over 5 years.
- 16.3% of vulnerabilities were highly critical and 0.4% were extremely critical.
- The top attack vector was remote network access (73.5% of vulnerabilities).
- Vulnerabilities in third-party software accounted for 75.7% of vulnerabilities in the top 50 most common software products.
Hewlett-Packard Enterprise- State of Security Operations 2015Kim Jensen
This document summarizes findings from 118 security operations maturity assessments of 87 organizations in 18 countries. It finds that the median maturity level remains below the ideal level of 3, and 20% of organizations scored below the minimum level of 1. The top issue facing security operations is the shortage of skilled resources. While organizations are investing in new technologies, many neglect operational budgets and processes, resulting in immature capabilities. Visible breaches have increased focus on security from executive leadership and boards.
5 things needed to know migrating Windows Server 2003Kim Jensen
The document provides five key considerations for organizations migrating from Windows Server 2003:
1. The migration is an opportunity to align IT with business goals and modernize processes, not just a routine system update.
2. Conducting a thorough assessment of all hardware, software, and workflows is necessary to develop an accurate timeline and avoid missed dependencies.
3. Not all existing servers and applications need to be migrated - some may be decommissioned through consolidation or replacement with newer options.
4. Updating hardware in addition to software is important to take advantage of new capabilities and ensure performance supports business needs.
5. Most organizations will benefit from partnering with an outside expert to help plan and execute the migration effectively
Infoworld deep dive - Mobile Security2015 updatedKim Jensen
This document provides an overview and comparison of the mobile device management (MDM) capabilities of various mobile platforms, including iOS, Android, BlackBerry, and Windows Phone. It summarizes the new management features introduced in iOS 9 and Android 6.0 Marshmallow, and describes how Android for Work enhances security and management for Android devices running business apps. Key areas discussed include app permissions, device encryption, password policies, and email/calendar management controls available to IT administrators.
OpenDNS is a DNS service that aims to make the internet safer, faster, smarter and more reliable. It was founded in 2005 and now has over 30 million active users, processing half a million queries per second and answering 30 billion DNS queries daily. OpenDNS provides content filtering, phishing and malware protection to households, schools and businesses. It translates domain names to IP addresses faster than other DNS services, improving internet speed and reliability.
This document provides predictions for security issues in 2016 from Forcepoint Security Labs. It predicts that the 2016 U.S. elections will drive significant cyberattacks themed around the elections, with hackers using social media and websites to spread misinformation. It also predicts that new mobile wallet and payment technologies will introduce opportunities for credit card theft and fraud. Finally, it predicts that the addition of new generic top-level domains will provide new opportunities for cybercriminals to use domain names for social engineering and malware attacks.
This document discusses the creation of an AIR application called IketeruGourmet. It describes preparing files and folders for the application, including icons, library files, and source files. It also summarizes the contents of the application.xml file which describes the core properties of the AIR application. The main parts of the user interface are built in the IketeruGourmet.mxml file using the WindowedApplication component.
The document discusses the origins and concepts behind the Ruby on Rails web application framework. It notes that Rails was created in 2005 by David Heinemeier Hanson to address the "lost Quality of Engineering Life" felt by many programmers. Rails aimed to make programming more fun and productive by embracing conventions over configurations and prioritizing developer happiness. The document outlines some of Rails' core concepts like active record and convention over configuration.
The document discusses web services and their basic components. It describes what web services are, how they use common Internet protocols and XML to allow systems to communicate over the web. The key standards that enable web services are introduced as SOAP for messaging, WSDL for description, and UDDI for discovery. Examples are provided of how web services can be used and composed to share functionality over the web. Security considerations for web services are also mentioned.
Apache Tapestry is an open-source framework for building dynamic, robust, highly scalable web applications without using servlets or JSPs. It uses a page object model with pages defined as Java classes and templates defined in TapestryMarkupLanguage (TML) files. Tapestry uses conventions like placing pages in a package and supports features like dependency injection, events, and properties to help build reusable components.
This document provides an overview of web services, including:
1) Web services allow distributed applications to communicate over the internet by using common technologies like HTTP and XML.
2) Key web service technologies include SOAP, WSDL, and UDDI, where SOAP defines messaging formats, WSDL describes services, and UDDI allows discovery of services.
3) Web services provide interoperability, allowing different systems and applications to communicate and work together over the network.
This document summarizes a CakePHP meetup event in Osaka, Japan. It introduces the speaker, Yusuke Ando, discusses some CakePHP news and releases, and focuses on useful CakePHP plugins like debug_kit and api_generator that provide debugging and API documentation generation capabilities. Examples and setup instructions are provided for effectively using these plugins.
Webken 03: Project Design for Optimaizing User ExperienceNobuya Sato
This document discusses strategies for optimizing website design. It describes large-scale website design projects as having many interrelated parts and stakeholders. The document recommends taking a holistic, collaborative approach to website redesign projects that involves reconfiguring the entire site structure and shared interfaces. It also emphasizes the importance of user experience and usability testing during the design process.
AWS IoT Greengrass V2 improves on V1 in several ways. It defines components that can be updated independently, rather than bundling functions together. This allows Greengrass deployments to be more modular and customizable. Device management is also enhanced in V2, with Greengrass groups and jobs allowing administrators to easily control deployments at scale. Overall, V2 provides a more flexible and scalable architecture compared to the previous version.
The document discusses the development of a web application using Adobe Flex and ActionScript. It describes creating a framework, displaying search result location information and listings, and implementing features like search and map clicks. The application will be compiled into a SWF file to run on Flash Player or as an AIR application.
Android is an open-source software platform built primarily for touchscreen mobile devices like smartphones and tablets. It includes an operating system, middleware, and key applications. The Open Handset Alliance, a consortium of 84 technology companies including Google, hardware manufacturers, and telecommunication companies, was founded in 2007 to develop Android. The Android software development kit includes tools and APIs used to develop applications that can be published through Google Play.
The document discusses Redmine, an open source project management and bug tracking tool built using Ruby on Rails. It provides an overview of what Redmine is and how it can be used to manage bugs, track activities, and integrate with source code management systems. The presentation also compares Redmine to Trac and provides tips on installing and using Redmine, along with examples of how it could be applied to specific projects.
The document discusses setting up a demo blogging website using Docker containers. It uses Docker Compose to create and link containers for Nginx, Ghost CMS, and MySQL. Users can access the running website after building the containers from the docker-compose.yml file in Gitpod, an online IDE for Docker development.
This document discusses supply chain management and the digitization of supply chains. It defines supply chains and describes their functions, which include new product development, manufacturing, delivery, sales, marketing, and customer service. It also discusses how information and materials flow through supply chains and how their goal is to maximize added value. Various supply chain models, integration approaches, and challenges are presented.
Dynamic Language による Silverlight2 アプリケーション開発terurou
The document discusses using Silverlight 2 with dynamic languages for RIA development. It provides performance test results showing that Silverlight 2 is faster than Flash, especially for larger numbers of graphics or text elements. It also notes that dynamic languages could allow developing code in a different way than traditional .NET languages like C# and VB.
Fleet Hub for AWS IoT Device Management is a service introduced on December 23, 2020 that allows users to centrally manage fleets of IoT devices connected to AWS IoT Core. It provides visibility into device statuses and telemetry across fleets in a simple interface without requiring development or deployment of custom applications. The summary notes that the service is currently in public preview so features and functionality may change in the future.
【13 C 2】デベロッパーに贈る!M-V-VMパターンで造るWPFアプリケーションYuya Yamaki
This document describes the history and business model of a software company called PowerTools. It discusses the company's focus on developing component libraries since 1983. More recently, it has developed components for technologies like Visual Basic, Java, and .NET. It also describes PowerTools' adoption of the Model-View-ViewModel (MVVM) pattern for structuring applications built for the WPF framework. MVVM aims to separate application logic and user interface code while maintaining a loose coupling between these elements.
Hewlett-Packard Enterprise- State of Security Operations 2015Kim Jensen
This document summarizes findings from 118 security operations maturity assessments of 87 organizations in 18 countries. It finds that the median maturity level remains below the ideal level of 3, and 20% of organizations scored below the minimum level of 1. The top issue facing security operations is the shortage of skilled resources. While organizations are investing in new technologies, many neglect operational budgets and processes, resulting in immature capabilities. Visible breaches have increased focus on security from executive leadership and boards.
5 things needed to know migrating Windows Server 2003Kim Jensen
The document provides five key considerations for organizations migrating from Windows Server 2003:
1. The migration is an opportunity to align IT with business goals and modernize processes, not just a routine system update.
2. Conducting a thorough assessment of all hardware, software, and workflows is necessary to develop an accurate timeline and avoid missed dependencies.
3. Not all existing servers and applications need to be migrated - some may be decommissioned through consolidation or replacement with newer options.
4. Updating hardware in addition to software is important to take advantage of new capabilities and ensure performance supports business needs.
5. Most organizations will benefit from partnering with an outside expert to help plan and execute the migration effectively
Infoworld deep dive - Mobile Security2015 updatedKim Jensen
This document provides an overview and comparison of the mobile device management (MDM) capabilities of various mobile platforms, including iOS, Android, BlackBerry, and Windows Phone. It summarizes the new management features introduced in iOS 9 and Android 6.0 Marshmallow, and describes how Android for Work enhances security and management for Android devices running business apps. Key areas discussed include app permissions, device encryption, password policies, and email/calendar management controls available to IT administrators.
OpenDNS is a DNS service that aims to make the internet safer, faster, smarter and more reliable. It was founded in 2005 and now has over 30 million active users, processing half a million queries per second and answering 30 billion DNS queries daily. OpenDNS provides content filtering, phishing and malware protection to households, schools and businesses. It translates domain names to IP addresses faster than other DNS services, improving internet speed and reliability.
This document provides predictions for security issues in 2016 from Forcepoint Security Labs. It predicts that the 2016 U.S. elections will drive significant cyberattacks themed around the elections, with hackers using social media and websites to spread misinformation. It also predicts that new mobile wallet and payment technologies will introduce opportunities for credit card theft and fraud. Finally, it predicts that the addition of new generic top-level domains will provide new opportunities for cybercriminals to use domain names for social engineering and malware attacks.
This document discusses the creation of an AIR application called IketeruGourmet. It describes preparing files and folders for the application, including icons, library files, and source files. It also summarizes the contents of the application.xml file which describes the core properties of the AIR application. The main parts of the user interface are built in the IketeruGourmet.mxml file using the WindowedApplication component.
The document discusses the origins and concepts behind the Ruby on Rails web application framework. It notes that Rails was created in 2005 by David Heinemeier Hanson to address the "lost Quality of Engineering Life" felt by many programmers. Rails aimed to make programming more fun and productive by embracing conventions over configurations and prioritizing developer happiness. The document outlines some of Rails' core concepts like active record and convention over configuration.
The document discusses web services and their basic components. It describes what web services are, how they use common Internet protocols and XML to allow systems to communicate over the web. The key standards that enable web services are introduced as SOAP for messaging, WSDL for description, and UDDI for discovery. Examples are provided of how web services can be used and composed to share functionality over the web. Security considerations for web services are also mentioned.
Apache Tapestry is an open-source framework for building dynamic, robust, highly scalable web applications without using servlets or JSPs. It uses a page object model with pages defined as Java classes and templates defined in TapestryMarkupLanguage (TML) files. Tapestry uses conventions like placing pages in a package and supports features like dependency injection, events, and properties to help build reusable components.
This document provides an overview of web services, including:
1) Web services allow distributed applications to communicate over the internet by using common technologies like HTTP and XML.
2) Key web service technologies include SOAP, WSDL, and UDDI, where SOAP defines messaging formats, WSDL describes services, and UDDI allows discovery of services.
3) Web services provide interoperability, allowing different systems and applications to communicate and work together over the network.
This document summarizes a CakePHP meetup event in Osaka, Japan. It introduces the speaker, Yusuke Ando, discusses some CakePHP news and releases, and focuses on useful CakePHP plugins like debug_kit and api_generator that provide debugging and API documentation generation capabilities. Examples and setup instructions are provided for effectively using these plugins.
Webken 03: Project Design for Optimaizing User ExperienceNobuya Sato
This document discusses strategies for optimizing website design. It describes large-scale website design projects as having many interrelated parts and stakeholders. The document recommends taking a holistic, collaborative approach to website redesign projects that involves reconfiguring the entire site structure and shared interfaces. It also emphasizes the importance of user experience and usability testing during the design process.
AWS IoT Greengrass V2 improves on V1 in several ways. It defines components that can be updated independently, rather than bundling functions together. This allows Greengrass deployments to be more modular and customizable. Device management is also enhanced in V2, with Greengrass groups and jobs allowing administrators to easily control deployments at scale. Overall, V2 provides a more flexible and scalable architecture compared to the previous version.
The document discusses the development of a web application using Adobe Flex and ActionScript. It describes creating a framework, displaying search result location information and listings, and implementing features like search and map clicks. The application will be compiled into a SWF file to run on Flash Player or as an AIR application.
Android is an open-source software platform built primarily for touchscreen mobile devices like smartphones and tablets. It includes an operating system, middleware, and key applications. The Open Handset Alliance, a consortium of 84 technology companies including Google, hardware manufacturers, and telecommunication companies, was founded in 2007 to develop Android. The Android software development kit includes tools and APIs used to develop applications that can be published through Google Play.
The document discusses Redmine, an open source project management and bug tracking tool built using Ruby on Rails. It provides an overview of what Redmine is and how it can be used to manage bugs, track activities, and integrate with source code management systems. The presentation also compares Redmine to Trac and provides tips on installing and using Redmine, along with examples of how it could be applied to specific projects.
The document discusses setting up a demo blogging website using Docker containers. It uses Docker Compose to create and link containers for Nginx, Ghost CMS, and MySQL. Users can access the running website after building the containers from the docker-compose.yml file in Gitpod, an online IDE for Docker development.
This document discusses supply chain management and the digitization of supply chains. It defines supply chains and describes their functions, which include new product development, manufacturing, delivery, sales, marketing, and customer service. It also discusses how information and materials flow through supply chains and how their goal is to maximize added value. Various supply chain models, integration approaches, and challenges are presented.
Dynamic Language による Silverlight2 アプリケーション開発terurou
The document discusses using Silverlight 2 with dynamic languages for RIA development. It provides performance test results showing that Silverlight 2 is faster than Flash, especially for larger numbers of graphics or text elements. It also notes that dynamic languages could allow developing code in a different way than traditional .NET languages like C# and VB.
Fleet Hub for AWS IoT Device Management is a service introduced on December 23, 2020 that allows users to centrally manage fleets of IoT devices connected to AWS IoT Core. It provides visibility into device statuses and telemetry across fleets in a simple interface without requiring development or deployment of custom applications. The summary notes that the service is currently in public preview so features and functionality may change in the future.
【13 C 2】デベロッパーに贈る!M-V-VMパターンで造るWPFアプリケーションYuya Yamaki
This document describes the history and business model of a software company called PowerTools. It discusses the company's focus on developing component libraries since 1983. More recently, it has developed components for technologies like Visual Basic, Java, and .NET. It also describes PowerTools' adoption of the Model-View-ViewModel (MVVM) pattern for structuring applications built for the WPF framework. MVVM aims to separate application logic and user interface code while maintaining a loose coupling between these elements.
The document provides an overview of domain-specific languages (DSLs) and language-oriented programming. It discusses how DSLs are specialized computer languages for a particular domain and provides examples of DSLs. It also describes how language-oriented programming uses DSLs to define programming abstractions and implementations through language tools and workbenches. Finally, it outlines how a DSL for object-relational mapping was developed in PHP using a lexer, parser, and Eclipse integration.
AWS re:Invent 2020 featured numerous updates to AWS IoT services, including new capabilities for FreeRTOS, AWS IoT Greengrass V2, AWS IoT Core for LoRaWAN, integration with Amazon Sidewalk, and previews of new services like Device Advisor, Fleet Hub, and machine learning detection. Many existing services also received enhancements, such as AWS IoT Device Management, AWS IoT Device Defender, AWS IoT SiteWise, and expanded integrations with services like Apache Kafka and Grafana.
SD is a peer-to-peer (P2P) bug tracking system that allows users to track bugs and work even when offline or without reliable network access. It was created by Jesse Vincent, the founder of Best Practical, because existing bug tracking solutions did not meet his needs as someone who spends a lot of time traveling without reliable WiFi access. SD synchronizes issues and changes across devices and other issue trackers using a distributed model rather than depending on a centralized network infrastructure.
文献紹介:Semantic-based information retrieval in support of concept design.Shin Sano
A new method of image retrieval using semantic technology to best support concept designers to obtain design inspirations.
Keywords: Concept design, Creativity, Inspiration, Image retrieval, Semantic technology, Semantics
コンセプト・デザイナーがデザインを発想する際に使う言葉と視覚イメージを検索する
各種方法を検討し、セマンティック検索を可能にするデザイナー向けオントロジーを含むシステムを提案、効果を評価。EU産学連携コンソーシアム
This document is Cisco's 2013 Annual Security Report which highlights the following key points:
1. The rapid proliferation of devices, applications, and cloud services has created an "any-to-any" world where security has become more challenging. The number of internet-connected devices grew to over 9 billion in 2012.
2. A key trend is the growth of cloud computing, with cloud traffic expected to make up nearly two-thirds of total data center traffic by 2016. This trend complicates security as data is constantly moving.
3. Younger, mobile workers expect to access business services using any device from any location, which also impacts security and data privacy.
1. The number of malicious web links grew by almost 600% worldwide according to data from Websense Security Labs.
2. 85% of malicious web links were found on legitimate web hosts that had been compromised, indicating websites can no longer be trusted based on their reputation.
3. Traditional anti-virus and firewall defenses are no longer sufficient to prevent web-borne threats, as the web serves both as an attack vector and in supporting other attack vectors like social media, mobile, and email. Advanced defenses that can identify compromised legitimate sites in real-time are needed.
The document is a summary of a security survey conducted in 2013 by AV-Comparatives. Some key findings include:
- Over 4,700 computer users worldwide participated in the anonymous online survey.
- Most users are aware of online security risks but some still do not use security software. Detection rates, malware removal, and performance are the most important factors for users.
- Windows 7 and 8 are now the most widely used operating systems. Free antivirus programs are growing in popularity and trust compared to paid solutions.
- Detection testing, real-world protection testing, and tests evaluating heuristic capabilities are the most important types of antivirus testing for users. Performance issues remain a top complaint.
-
Miercom Security Effectiveness Test Report Kim Jensen
The document reports on a test of various web security gateways. It found that Websense blocked the most URLs (132,111 or 5.84%) of over 2.25 million URLs, demonstrating superior web security effectiveness. It also provided the most comprehensive and effective data theft and loss prevention policies. Websense showed advantages in malware blocking, real-time defense, and practical DLP policy implementation. Management of Websense required less time and effort than competitors. Overall, Websense performed well across security effectiveness, malware protection, data protection, and manageability.
Bliv klar til cloud med Citrix Netscaler (pdf)Kim Jensen
This document discusses how Citrix NetScaler outperforms other application delivery controllers (ADCs) in enabling enterprise networks to be cloud ready. It provides 9 key areas where NetScaler beats the competition: 1) Pay-As-You-Grow elasticity to scale capacity on demand; 2) Superior ADC consolidation with higher density; 3) Ability to cluster up to 32 appliances to expand capacity; 4) Full featured virtual ADCs with performance parity to hardware; 5) Cloud bridging functionality for hybrid cloud environments; 6) Open application visibility; 7) SQL load balancing; 8) Intuitive policy engine; 9) Faster SSL performance. The document examines these areas in detail and compares NetScaler's capabilities to other ADC
This document provides a summary and analysis of data from the 2012 Verizon Data Breach Investigations Report (DBIR). Key findings include:
- External threat agents such as hackers were responsible for 98% of breaches and over 99% of compromised records.
- Malware was involved in 69% of breaches and accounted for 95% of compromised records.
- The majority of breaches involved small businesses in the retail, accommodation, and food service industries, though healthcare saw the most compromised records on average per breach.
This document summarizes web traffic trends from Q3 2011 as observed by Zscaler ThreatLabZ across billions of transactions. It finds that while Internet Explorer remains the most used browser, non-browser applications account for over 20% of enterprise HTTP traffic. It also reports that Facebook continues to dominate social networking traffic in enterprises and that browser plugins, especially Adobe Flash, remain out of date and vulnerable to attacks.
This document provides an executive summary and analysis of Forrester's evaluation of mobile collaboration vendors in Q3 of 2011. Forrester evaluated 13 vendors against 15 criteria related to their mobile capabilities and experiences. They found that Adobe, Box, Cisco, IBM, Salesforce, SugarSync, Skype, and Yammer led in their commitment to tablets and smartphones as well as a strategy aligned with mobile workforces. AT&T, Citrix, Dropbox, Evernote, and Google were also strong performers in mobile collaboration. No vendor was considered a contender or risky bet in regards to their mobile support.
The document is a market analysis report from The Radicati Group that examines the corporate web security solutions market in 2011. It segments the market into four categories: specialists, trail blazers, top players, and mature players. The report evaluates vendors based on criteria like functionality and market share. It then plots major vendors in the market into a quadrant chart based on their functionality and size to illustrate their relative position. The report also includes individual analyses of prominent vendors in each category.
This document provides an overview of cloud computing security challenges. It discusses how cloud computing introduces new risks by making systems accessible over the internet, shared among multiple tenants, and lacking location specificity. The document outlines common cloud computing models including infrastructure as a service, platform as a service, and software as a service. It also discusses how multitenancy increases the risk of unauthorized access to user data in cloud environments. Overall, the document examines how cloud computing demands new security practices due to its unique architecture and deployment models.
Cloud security deep dive infoworld jan 2011Kim Jensen
This document provides an overview of cloud security and how it differs from traditional security models. Some key points:
- Cloud computing introduces new security challenges due to its reliance on sharing resources over the internet, like computing power and storage.
- There are different cloud computing models including Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS).
- Cloud computing is defined by traits like internet accessibility, scalability, multitenancy, broad authentication, usage-based pricing, and lack of location specificity. These traits increase security risks.
- Multitenancy, where multiple users share the same cloud resources, introduces the risk of unint
Cloud services deep dive infoworld july 2010Kim Jensen
This document provides an overview of cloud computing services and strategies for businesses. It discusses several types of cloud services including Software as a Service (SaaS) applications, email services, office productivity suites, development/testing platforms, backup/recovery services, and business intelligence tools. The document advises businesses to carefully evaluate their specific needs and compare cloud options to on-premises alternatives before adopting cloud services to ensure the right fit.
This document discusses the benefits of unified communications and collaboration (UC&C) systems. UC&C combines communication channels like voice, email, instant messaging, and video conferencing to improve collaboration. The document outlines how UC&C can reduce "communication latency" by making it easier for employees to connect with the right people at the right time. It provides examples of companies that have implemented UC&C through HP and Microsoft solutions and realized cost savings through reduced conferencing costs, simplified management, and other benefits.
Cloud Computing for Banking
What does the future of cloud computing for banking look like—both in the near and long terms? Accenture sees cloud computing as an important step in the continuing industrialization of IT and thus capable of ultimately playing a key role in enabling high performance.
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
How to Get CNIC Information System with Paksim Ga.pptxdanishmna97
Pakdata Cf is a groundbreaking system designed to streamline and facilitate access to CNIC information. This innovative platform leverages advanced technology to provide users with efficient and secure access to their CNIC details.
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdfMalak Abu Hammad
Discover how MongoDB Atlas and vector search technology can revolutionize your application's search capabilities. This comprehensive presentation covers:
* What is Vector Search?
* Importance and benefits of vector search
* Practical use cases across various industries
* Step-by-step implementation guide
* Live demos with code snippets
* Enhancing LLM capabilities with vector search
* Best practices and optimization strategies
Perfect for developers, AI enthusiasts, and tech leaders. Learn how to leverage MongoDB Atlas to deliver highly relevant, context-aware search results, transforming your data retrieval process. Stay ahead in tech innovation and maximize the potential of your applications.
#MongoDB #VectorSearch #AI #SemanticSearch #TechInnovation #DataScience #LLM #MachineLearning #SearchTechnology
In the rapidly evolving landscape of technologies, XML continues to play a vital role in structuring, storing, and transporting data across diverse systems. The recent advancements in artificial intelligence (AI) present new methodologies for enhancing XML development workflows, introducing efficiency, automation, and intelligent capabilities. This presentation will outline the scope and perspective of utilizing AI in XML development. The potential benefits and the possible pitfalls will be highlighted, providing a balanced view of the subject.
We will explore the capabilities of AI in understanding XML markup languages and autonomously creating structured XML content. Additionally, we will examine the capacity of AI to enrich plain text with appropriate XML markup. Practical examples and methodological guidelines will be provided to elucidate how AI can be effectively prompted to interpret and generate accurate XML markup.
Further emphasis will be placed on the role of AI in developing XSLT, or schemas such as XSD and Schematron. We will address the techniques and strategies adopted to create prompts for generating code, explaining code, or refactoring the code, and the results achieved.
The discussion will extend to how AI can be used to transform XML content. In particular, the focus will be on the use of AI XPath extension functions in XSLT, Schematron, Schematron Quick Fixes, or for XML content refactoring.
The presentation aims to deliver a comprehensive overview of AI usage in XML development, providing attendees with the necessary knowledge to make informed decisions. Whether you’re at the early stages of adopting AI or considering integrating it in advanced XML development, this presentation will cover all levels of expertise.
By highlighting the potential advantages and challenges of integrating AI with XML development tools and languages, the presentation seeks to inspire thoughtful conversation around the future of XML development. We’ll not only delve into the technical aspects of AI-powered XML development but also discuss practical implications and possible future directions.
Programming Foundation Models with DSPy - Meetup SlidesZilliz
Prompting language models is hard, while programming language models is easy. In this talk, I will discuss the state-of-the-art framework DSPy for programming foundation models with its powerful optimizers and runtime constraint system.
Best 20 SEO Techniques To Improve Website Visibility In SERPPixlogix Infotech
Boost your website's visibility with proven SEO techniques! Our latest blog dives into essential strategies to enhance your online presence, increase traffic, and rank higher on search engines. From keyword optimization to quality content creation, learn how to make your site stand out in the crowded digital landscape. Discover actionable tips and expert insights to elevate your SEO game.
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?Speck&Tech
ABSTRACT: A prima vista, un mattoncino Lego e la backdoor XZ potrebbero avere in comune il fatto di essere entrambi blocchi di costruzione, o dipendenze di progetti creativi e software. La realtà è che un mattoncino Lego e il caso della backdoor XZ hanno molto di più di tutto ciò in comune.
Partecipate alla presentazione per immergervi in una storia di interoperabilità, standard e formati aperti, per poi discutere del ruolo importante che i contributori hanno in una comunità open source sostenibile.
BIO: Sostenitrice del software libero e dei formati standard e aperti. È stata un membro attivo dei progetti Fedora e openSUSE e ha co-fondato l'Associazione LibreItalia dove è stata coinvolta in diversi eventi, migrazioni e formazione relativi a LibreOffice. In precedenza ha lavorato a migrazioni e corsi di formazione su LibreOffice per diverse amministrazioni pubbliche e privati. Da gennaio 2020 lavora in SUSE come Software Release Engineer per Uyuni e SUSE Manager e quando non segue la sua passione per i computer e per Geeko coltiva la sua curiosità per l'astronomia (da cui deriva il suo nickname deneb_alpha).
GraphRAG for Life Science to increase LLM accuracyTomaz Bratanic
GraphRAG for life science domain, where you retriever information from biomedical knowledge graphs using LLMs to increase the accuracy and performance of generated answers
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
UiPath Test Automation using UiPath Test Suite series, part 6DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 6. In this session, we will cover Test Automation with generative AI and Open AI.
UiPath Test Automation with generative AI and Open AI webinar offers an in-depth exploration of leveraging cutting-edge technologies for test automation within the UiPath platform. Attendees will delve into the integration of generative AI, a test automation solution, with Open AI advanced natural language processing capabilities.
Throughout the session, participants will discover how this synergy empowers testers to automate repetitive tasks, enhance testing accuracy, and expedite the software testing life cycle. Topics covered include the seamless integration process, practical use cases, and the benefits of harnessing AI-driven automation for UiPath testing initiatives. By attending this webinar, testers, and automation professionals can gain valuable insights into harnessing the power of AI to optimize their test automation workflows within the UiPath ecosystem, ultimately driving efficiency and quality in software development processes.
What will you get from this session?
1. Insights into integrating generative AI.
2. Understanding how this integration enhances test automation within the UiPath platform
3. Practical demonstrations
4. Exploration of real-world use cases illustrating the benefits of AI-driven test automation for UiPath
Topics covered:
What is generative AI
Test Automation with generative AI and Open AI.
UiPath integration with generative AI
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Maruthi Prithivirajan, Head of ASEAN & IN Solution Architecture, Neo4j
Get an inside look at the latest Neo4j innovations that enable relationship-driven intelligence at scale. Learn more about the newest cloud integrations and product enhancements that make Neo4j an essential choice for developers building apps with interconnected data and generative AI.
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...Neo4j
Leonard Jayamohan, Partner & Generative AI Lead, Deloitte
This keynote will reveal how Deloitte leverages Neo4j’s graph power for groundbreaking digital twin solutions, achieving a staggering 100x performance boost. Discover the essential role knowledge graphs play in successful generative AI implementations. Plus, get an exclusive look at an innovative Neo4j + Generative AI solution Deloitte is developing in-house.
Driving Business Innovation: Latest Generative AI Advancements & Success StorySafe Software
Are you ready to revolutionize how you handle data? Join us for a webinar where we’ll bring you up to speed with the latest advancements in Generative AI technology and discover how leveraging FME with tools from giants like Google Gemini, Amazon, and Microsoft OpenAI can supercharge your workflow efficiency.
During the hour, we’ll take you through:
Guest Speaker Segment with Hannah Barrington: Dive into the world of dynamic real estate marketing with Hannah, the Marketing Manager at Workspace Group. Hear firsthand how their team generates engaging descriptions for thousands of office units by integrating diverse data sources—from PDF floorplans to web pages—using FME transformers, like OpenAIVisionConnector and AnthropicVisionConnector. This use case will show you how GenAI can streamline content creation for marketing across the board.
Ollama Use Case: Learn how Scenario Specialist Dmitri Bagh has utilized Ollama within FME to input data, create custom models, and enhance security protocols. This segment will include demos to illustrate the full capabilities of FME in AI-driven processes.
Custom AI Models: Discover how to leverage FME to build personalized AI models using your data. Whether it’s populating a model with local data for added security or integrating public AI tools, find out how FME facilitates a versatile and secure approach to AI.
We’ll wrap up with a live Q&A session where you can engage with our experts on your specific use cases, and learn more about optimizing your data workflows with AI.
This webinar is ideal for professionals seeking to harness the power of AI within their data management systems while ensuring high levels of customization and security. Whether you're a novice or an expert, gain actionable insights and strategies to elevate your data processes. Join us to see how FME and AI can revolutionize how you work with data!
“An Outlook of the Ongoing and Future Relationship between Blockchain Technologies and Process-aware Information Systems.” Invited talk at the joint workshop on Blockchain for Information Systems (BC4IS) and Blockchain for Trusted Data Sharing (B4TDS), co-located with with the 36th International Conference on Advanced Information Systems Engineering (CAiSE), 3 June 2024, Limassol, Cyprus.
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!SOFTTECHHUB
As the digital landscape continually evolves, operating systems play a critical role in shaping user experiences and productivity. The launch of Nitrux Linux 3.5.0 marks a significant milestone, offering a robust alternative to traditional systems such as Windows 11. This article delves into the essence of Nitrux Linux 3.5.0, exploring its unique features, advantages, and how it stands as a compelling choice for both casual users and tech enthusiasts.
2. WHITE PAPER: The Web Security Challenge: A Competitive Guide to Selecting Web Security Gateways
Table of Contents
_ÉÑçêÉ=ìëáåÖ=íÜáë=ÇçÅìãÉåí=óçì=ãìëí=~ÖêÉÉ=íç=íÜÉ=íÉêãë=çÑ=ìë~ÖÉK
qÜÉëÉ=íÉêãë=~êÉ=äáëíÉÇ=çå=íÜÉ=Ñáå~ä=é~ÖÉK
Executive Summary 4
Web 2.0 Effectiveness 7
Manageability and Scalability 9
Policy Interface 11
Reporting Capabilities 13
URL Filtering 15
Malware Filtering 16
Application Control 18
Data Loss Protection 20
Network Implementation 22
Integration with Other Solutions 24
Service and support 26
Test Methodology 28
Alexa 100,000 URL Filtering/Classification Test 28
«=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========O
3. WHITE PAPER: The Web Security Challenge: A Competitive Guide to Selecting Web Security Gateways
Table of Contents
_ÉÑçêÉ=ìëáåÖ=íÜáë=ÇçÅìãÉåí=óçì=ãìëí=~ÖêÉÉ=íç=íÜÉ=íÉêãë=çÑ=ìë~ÖÉK
qÜÉëÉ=íÉêãë=~êÉ=äáëíÉÇ=çå=íÜÉ=Ñáå~ä=é~ÖÉK
“Long Tail” or Extended URL Classification Test 28
Phishing and/or Proxy Avoidance URL Detection Accuracy Test29
Binary Exploits and Compromises Detection Accuracy Test 29
Malware-infected URL Detection Accuracy Test 30
Web 2.0-Based Malicious URL Detection Accuracy Test 30
Criteria Evaluation by UI Inspection 31
Interaction with Competing Vendors 32
Appendix: Product List 33
«=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========P
4. T
T H
H E
E
WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting
TOLLY Secure Web Gateways
GROU P
Executive Summary
The World Wide Web has changed dramatically in the past decade. The use of the
Web as an application platform, a communication medium, and a business tool,
combined with the migration of attackers onto the Web, demands new solutions to
help manage business and mitigate security threats. Enterprise IT managers
should carefully evaluate both the ease of management, as well as the effective-
ness, of gateway-based Web security solutions against a constantly evolving
threat landscape.
tÉÄëÉåëÉI=fåÅK=ÅçããáëëáçåÉÇ=qÜÉ=qçääó=dêçìé=íç=Éî~äì~íÉ=áíë=tÉÄ=pÉÅìJ
êáíó=d~íÉï~ó=~Ö~áåëí=çíÜÉê=~î~áä~ÄäÉ=Ö~íÉï~ó=ëÉÅìêáíó=éêçÇìÅíëK=qÜÉ=ÅçãJ
éÉíáåÖ=éêçÇìÅíë=íÉëíÉÇ=ïÉêÉW=_äìÉ=`ç~í=póëíÉãëÛ=mêçñópd=ONM=~åÇ=
mêçñó^s=RNM=~ééäá~åÅÉëI=`áëÅç=póëíÉãë=fåÅKÛë=fêçåmçêí=pSRM=tÉÄ=pÉÅìêáíó=
^ééäá~åÅÉI=qêÉåÇ=jáÅêçI=fåÅKÛë=fåíÉêpÅ~å=tÉÄ=pÉÅìêáíó=pìáíÉ=EftppFI=~åÇ=
pÉÅìêÉ=`çãéìíáåÖ=`çêéçê~íáçåÛë=pÉÅìêÉ=tÉÄ=EtÉÄï~ëÜÉêF=~ééäá~åÅÉK=
Note: All products under test shall be referenced by their manufacturer s
name hereafter in the document.
Websense Web Security Gateway combines powerful and
easy-to-manage software with the ability to mitigate
dynamic Web-based threats, exceeding other vendors
tested in meeting Gartner’s criteria* for buying Secure
Web Gateways.
GaáëÅä~áãÉêW
qÜÉ=d~êíåÉê=êÉéçêí= ^=_ìóÉêÛë=dìáÇÉ=íç=pÉÅìêÉ=tÉÄ=d~íÉï~óëÒ=Äó=mÉíÉê=cáêëíÄêççâ=~åÇ=
i~ïêÉåÅÉ=lê~åë=Ed~êíåÉê=o^p=`çêÉ=oÉëÉ~êÅÜ=kçíÉ=dMMNRVSSVX=NR=^ìÖìëí=OMMUF=ï~ë=
ìëÉÇ=çåäó=~ë=~=êÉèìáêÉãÉåíë=ÖìáÇÉ=áå=íÜáë=Éî~äì~íáçåK=eçïÉîÉêI=~åó=~åÇ=~ää=îÉåÇçê=~åÇ=
éêçÇìÅí=Åçãé~êáëçåë=~åÇ=Éî~äì~íáçåë=ïÉêÉ=ÇçåÉ=Äó=íÜÉ=qçääó=dêçìé=~åÇ=áå=åç=ï~ó=Çç=íÜÉó=
ÉñéêÉëë=íÜÉ=çéáåáçå=çÑ=d~êíåÉêK
^ää=ëí~íÉãÉåíë=áå=íÜáë=êÉéçêí=~ííêáÄìí~ÄäÉ=íç=d~êíåÉê=êÉéêÉëÉåí=tÉÄëÉåëÉI=fåÅKÛë=áåíÉêéêÉí~J
íáçå=çÑ=Ç~í~I=êÉëÉ~êÅÜ=çéáåáçå=çê=îáÉïéçáåíë=éìÄäáëÜÉÇ=~ë=é~êí=çÑ=~=ëóåÇáÅ~íÉÇ=ëìÄëÅêáéíáçå=
ëÉêîáÅÉ=Äó=d~êíåÉêI=fåÅKI=~åÇ=Ü~îÉ=åçí=ÄÉÉå=êÉîáÉïÉÇ=Äó=d~êíåÉêK=b~ÅÜ=d~êíåÉê=éìÄäáÅ~íáçå=
ëéÉ~âë=~ë=çÑ=áíë=çêáÖáå~ä=éìÄäáÅ~íáçå=Ç~íÉ=E~åÇ=åçí=~ë=çÑ=íÜÉ=Ç~íÉ=çÑ=íÜáë=êÉéçêíFK=qÜÉ=çéáåJ
áçåë=ÉñéêÉëëÉÇ=áå=d~êíåÉê=éìÄäáÅ~íáçåë=~êÉ=åçí=êÉéêÉëÉåí~íáçåë=çÑ=Ñ~ÅíI=~åÇ=~êÉ=ëìÄàÉÅí=íç=
ÅÜ~åÖÉ=ïáíÜçìí=åçíáÅÉK
fÑ=ÅäáÉåíë=ÇÉëáêÉ=d~êíåÉê=íç=îÉêáÑó=íÜ~í=èìçíÉë=~êÉ=~ÅÅìê~íÉ=~åÇ=Åçãéäó=ïáíÜ=d~êíåÉêÛë=`çéóJ
êáÖÜí=~åÇ=nìçíÉ=mçäáÅóI=d~êíåÉê=éêçîáÇÉë=~=ëÉêîáÅÉ=íÜ~í=îÉêáÑáÉë=èìçíÉ=~ÅÅìê~Åó=~åÇ=~ééêçJ
éêá~íÉåÉëëK=`äáÉåíë=ïáëÜáåÖ=íç=í~âÉ=~Çî~åí~ÖÉ=çÑ=íÜáë=ëÉêîáÅÉ=ëÜçìäÇ=Åçåí~Åí=d~êíåÉê=sÉåJ
Ççê=oÉä~íáçåë=~í=îÉåÇçêKêÉä~íáçåë]Ö~êíåÉêKÅçãK
«=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========Q
5. T
T H
H E
E
WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting
TOLLY Secure Web Gateways
GROU P
qçääó=dêçìé=ÉåÖáåÉÉêë=Éî~äì~íÉÇ=íÜÉ=éêçÇìÅíë=ìåÇÉê=íÉëí=Ä~ëÉÇ=
tÉÄëÉåëÉI= çå=~=ëÉí=çÑ=ÅêáíÉêá~=d~êíåÉê=áÇÉåíáÑáÉÇ=~ë=íÜÉ=ãçëíJ~Çî~åÅÉÇ=ÑÉ~J
fåÅK íìêÉë=íÜ~í=ÅçìäÇ=ÜÉäé=ïáíÜ=Åçãé~ê~íáîÉ=Éî~äì~íáçå=~åÇ=ëÉäÉÅíáçå=
çÑ=~=ëÉÅìêÉ=tÉÄ=Ö~íÉï~óK=qÉëíë=ïÉêÉ=ÅçåÇìÅíÉÇ=áå=lÅíçÄÉê=
pÉÅìêÉ=tÉÄ= OMMUK
d~íÉï~ó
cêçã=~=ÜáÖÜJäÉîÉä=éÉêëéÉÅíáîÉI=íÜÉ=d~êíåÉê=ptd=ÄìóÉêÛë=ÖìáÇÉ=
`çãéÉíáíáîÉ= ë~óë=íÜ~í=îÉåÇçêë=çÑ=roi=ÑáäíÉêáåÖI=éêçñó=ëÉêîÉêëI=~åÇ=~åíáJîáêìëL
bî~äì~íáçå=çÑ=tÉÄ=pÉÅìêáíó= ~åíáJëé~ã=ëçäìíáçåëI=~ää=~êÉ=~ééêç~ÅÜáåÖ=íÜÉ=ëÉÅìêÉ=tÉÄ=Ö~íÉJ
cÉ~íìêÉë ï~ó=ã~êâÉí=Ñêçã=ÇáÑÑÉêÉåí=ÇáêÉÅíáçåëK=qÜÉ=qçääó=dêçìéÛë=Ü~åÇëJçå=
~å~äóëáë=çÑ=íÜÉëÉ=éêçÇìÅíë=îÉêáÑáÉë=íÜ~í=ïÜáäÉ=íÜÉ=ã~àçêáíó=çÑ=
éêçÇìÅíë=íÉëíÉÇ=ÉñÅÉä=áå=~=ÑÉï=~êÉ~ëI=çåäó=tÉÄëÉåëÉÛë=tÉÄ=pÉÅìJ
êáíó=d~íÉï~ó=ëÅçêÉÇ=ìåáÑçêãäó=ÜáÖÜ=~åÇ=ÇÉäáîÉêÉÇ=ÑÉ~íìêÉJêáÅÜ=Å~é~ÄáäáíáÉë=
~Åêçëë=~ää=åáåÉ=ÑìåÅíáçå~ä=~êÉ~ë=íÜ~í=ÉåÖáåÉÉêë=Éñ~ãáåÉÇK=
qçääó=dêçìé=ÉåÖáåÉÉêë=~ëëáÖåÉÇ=~=ëìÄàÉÅíáîÉ=ëÅçêÉ=íç=É~ÅÜ=çÑ=íÜÉ=åáåÉ=
éêçÇìÅí=ÅêáíÉêá~=Éî~äì~íÉÇ=~åÇ=í~ääáÉÇ=~=ÅçãéçëáíÉ=ëÅçêÉ=Ñçê=É~ÅÜ=éêçÇìÅíK=
táíÜ=~=ëÅçêÉ=çÑ=OMNI=tÉÄëÉåëÉ=pÉÅìêáíó=d~íÉï~ó=~äãçëí=ÇçìÄäÉÇ=íÜÉ=éçáåí=
íçí~ä=çÑ=áíë=åÉñí=åÉ~êÉëí=ÅçãéÉíáíçêK=EpÉÉ=cáÖìêÉ=NI=é~ÖÉ=RKF
jçêÉçîÉêI=áå=~ÇÇáíáçå=íç=ëí~åÇ~êÇ=roi=ÑáäíÉêáåÖ=~åÇ=íê~Çáíáçå~ä=ã~äï~êÉ=éêçJ
íÉÅíáçå=íÜ~í=áë=~î~áä~ÄäÉ=çå=~åó=ëÉÅìêÉ=tÉÄ=Ö~íÉï~óI=tÉÄëÉåëÉ=áë=íÜÉ=Ñáêëí=
îÉåÇçê=Éñ~ãáåÉÇ=Äó=qÜÉ=qçääó=dêçìé=ÉåÖáåÉÉêë=íç=çÑÑÉê=~=Ñìääó=áåíÉÖê~íÉÇ=
aim=çéíáçåI=~ääçïáåÖ=íÜÉ=Åçãé~åó=íç=çÑÑÉê=~=äÉîÉä=çÑ=Ç~í~=äçëë=éêçíÉÅíáçå=
ìåã~íÅÜÉÇ=å~íáîÉäó=Äó=êáî~ä=éêçÇìÅíë=íÉëíÉÇK=qÜÉ=pÉÅìêÉ=tÉÄ=d~íÉï~ó=ÇÉJ
äáîÉêë=~=ãçêÉ=ÑìåÅíáçå~ä=ã~å~ÖÉãÉåí=áåíÉêÑ~ÅÉI=ëÅ~ä~Äáäáíó=Å~é~ÄáäáíáÉëI=~åÇ=
êáÅÜÉê=êÉéçêíáåÖ=ÑìåÅíáçåë=íÜ~å=êáî~ä=éêçÇìÅíë=íÉëíÉÇK
q~âÉå=~ë=~=ïÜçäÉI=íÜÉ=ÅçãéçëáíÉ=ëÅçêÉë=Ñêçã=É~ÅÜ=çÑ=íÜÉ=Éî~äì~íÉÇ=ëÉäÉÅJ
íáçå=ÅêáíÉêá~=ëÜçï=íÜ~í=tÉÄëÉåëÉÛë=tÉÄ=pÉÅìêáíó=d~íÉï~ó=áë=íÜÉ=ãçëí=
ÑÉ~íìêÉJêáÅÜ=çÑ=íÜÉ=éêçÇìÅíë=íÉëíÉÇI=~äçåÖ=ïáíÜW
çÑÑÉêáåÖ=íÜÉ=ïáÇÉëí=ÅçîÉê~ÖÉ=~åÇ=íÜÉ=ÖêÉ~íÉëí=~ÅÅìê~Åó=áå=
Å~íÉÖçêáòáåÖ=Çóå~ãáÅ=ÅçåíÉåí=çå=tÉÄ=OKM=ëáíÉë
ÄäçÅâáåÖ=ãçêÉ=fåíÉêåÉíJÄ~ëÉÇ=íÜêÉ~íë=íÜ~å=~ää=çíÜÉê=éêçÇìÅíë=íÉëíÉÇ
éêçîáÇáåÖ=íÜÉ=É~ëáÉëí=íç=ìëÉ=áåíÉêÑ~ÅÉ=çÑ=íÜÉ=éêçÇìÅíë=íÉëíÉÇ
ÇÉäáîÉêáåÖ=ÖêÉ~íÉê=ÑäÉñáÄáäáíó=íÜ~å=~åó=çíÜÉê=ëçäìíáçåë=íÉëíÉÇ
«=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========R
6. T
T H
H E
E
WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting
TOLLY Secure Web Gateways
GROU P
Composite Scores of Products Tested Across Evaluation Areas
All criteria listed were rated subjectively either by examining publicly available documentation from the
vendors; or by launching the management interface, configuring the desired behavior and observing the
results. The subjective usability, layout and overall effectiveness of each function by vendor has been
assigned a value ranging from 1 (least effective) to 4 (most effective) to indicate the Tolly engineers' im-
pression of each of the units tested. Detailed breakdown of scores in each area of evaluation can be
seen in Figures 4. through 12.
Source: The Tolly Group, November 2008 Figure 1
«=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========S
7. T
T H
H E
E
WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting
TOLLY Secure Web Gateways
GROU P
qÜáë=ïÜáíÉ=é~éÉê=ïáää=ÉñéäçêÉ=ÑáåÇáåÖë=Ñçê=É~ÅÜ=çÑ=íÜÉ=Éî~äì~íáçå=ÅêáíÉêá~=áå=
íÜÉ=é~ÖÉë=~åÇ=ÅÜ~êíë=íÜ~í=ÑçääçïK=
få=ÅçåÅäìëáçåI=tÉÄëÉåëÉ=tÉÄ=pÉÅìêáíó=d~íÉï~ó=ÅçãÄáåÉÇ=íÜÉ=ÄÉëí=çÑ=
ÄêÉÉÇ=íÉÅÜåçäçÖáÉë=íç=çÑÑÉê=~=éêçÇìÅí=íÜ~í=áë=É~ëáÉê=íç=ã~å~ÖÉI=ëÅ~äÉë=
ÄÉííÉêI=éêçîáÇÉë=ãçêÉ=Öê~åìä~ê=çéíáçåë=íç=Åçåíêçä=åÉíïçêâ=~ééäáÅ~íáçå=íê~ÑÑáÅ=
~åÇ=Öì~êÇë=~Ö~áåëí=íÜÉ=Çóå~ãáÅ~ääó=ÅÜ~åÖáåÖ=íÜêÉ~í=ä~åÇëÅ~éÉ=çÑ=tÉÄJ
Ä~ëÉÇ=~íí~ÅâëK
Web 2.0 Effectiveness
tÉÄ=OKM=ëáíÉë=~êÉ=ê~éáÇäó=ÖêçïáåÖ=íç=ÄÉ=ëçãÉ=çÑ=íÜÉ=ãçëí=îáëáíÉÇ=tÉÄ=ëáíÉë=
çå=íÜÉ=fåíÉêåÉíK=qÜÉ=~Äáäáíó=çÑ=ìëÉêë=íç=ÑêÉÉäó=ÅêÉ~íÉ=~åÇ=ìéäç~Ç=
ÅçåíÉåí=çåíç=tÉÄ=OKM=ëáíÉë=áë=áåÅêÉ~ëáåÖäó=~ííê~ÅíáîÉ=íç=~íí~ÅâÉêë=ïÜç
ìéäç~Ç=ã~äáÅáçìë=~åÇ=çÄàÉÅíáçå~ÄäÉ=ÅçåíÉåí=çåíç=êÉéìí~ÄäÉ=tÉÄ=OKM=ëáíÉë=
äáâÉ=_äçÖëéçí=EÜííéWLLÄäçÖëéçíKÅçãFI=tçêÇmêÉëë=EÜííéWLLïçêÇéêÉëëKçêÖFI=çê=
çåíç=äÉÖáíáã~íÉ=ëáíÉë=íÜ~í=Ü~îÉ=ÄÉÉå=ÅçãéêçãáëÉÇK=qÜÉ=~Äáäáíó=çÑ=~=tÉÄ=ëÉJ
Åìêáíó=Ö~íÉï~ó=íç=ÇÉíÉÅí=ã~äáÅáçìë=ÅçåíÉåí=~ÅÅìê~íÉäó=çå=Çóå~ãáÅ=tÉÄ=ëáíÉë=
äáâÉ=tÉÄ=OKM=êÉäáÉë=ÖêÉ~íäó=çå=êÉ~äJíáãÉ=~å~äóëáë=çÑ=ÅçåíÉåíI=~åÇ=åçí=àìëí=çå=
íÜÉ=êÉéìí~íáçå=çÑ=íÜÉ=tÉÄ=ëáíÉëK
qÉëíë=ìëáåÖ=VSR=äáîÉ=roië=Ñêçã=éçéìä~ê=tÉÄ=OKM=ëáíÉë=äáâÉ=ÄäçÖëéçíKÅçã=
~åÇ=ïçêÇéêÉëëKÅçã=íÜ~í=ïÉêÉ=ÜçëíáåÖ=ã~äáÅáçìë=çê=çÄàÉÅíáçå~ÄäÉ=ÅçåíÉåí=
êÉîÉ~äÉÇ=tÉÄëÉåëÉÛë=éçïÉêÑìä=êÉ~äJíáãÉ=ÅçåíÉåí=~å~äóëáë=Å~é~ÄáäáíóK=tÉÄJ
ëÉåëÉ=ÄäçÅâÉÇ=~äãçëí=VVB=çÑ=íÜÉ=ã~äáÅáçìë=roië=ïÜáäÉ=ÅçãéÉíáåÖ=éêçÇìÅíë=
ÄäçÅâÉÇ=ÄÉíïÉÉå=äÉëë=íÜ~å=OB=íç=~Äçìí=QMBK=EpÉÉ=cáÖìêÉ=OKF=
qÜáë=ÜìÖÉ=ëéêÉ~Ç=çÑ=êÉëìäíë=Ñêçã=éêçÇìÅíë=ìëáåÖ=tÉÄ=oÉéìí~íáçå=ëÉêîáÅÉë=
~åÇ=íê~Çáíáçå~ä=roi=Ç~í~Ä~ëÉë=ëÜçïë=íÜ~í=äÉÖ~Åó=ãÉíÜçÇë=çÑ=roi=ÑáäíÉêáåÖ=
~êÉ=åçí=éçïÉêÑìä=ÉåçìÖÜ=çå=íÜÉáê=çïåI=ìåäÉëë=áíÛë=~ìÖãÉåíÉÇ=Äó=ÉÑÑÉÅíáîÉ=
ìëÉ=çÑ=çíÜÉê=íÉÅÜåçäçÖáÉë=äáâÉ=çåJéêÉãáëÉëI=êÉ~äJíáãÉ=ÅçåíÉåí=~å~äóëáëI=ÜÉìJ
êáëíáÅëI=ÉíÅK
qÉëíë=~äëç=ëÜçïÉÇ=íÜ~í=tÉÄëÉåëÉ=Ü~Ç=íÜÉ=ïáÇÉëí=roi=ÅçîÉê~ÖÉ=çÑ=íÜÉ=
Úâåçïå=tÉÄÛ=çìí=çÑ=íÜÉ=éêçÇìÅíë=íÉëíÉÇI=~ë=ÉîáÇÉåÅÉÇ=Äó=íÜÉ=êÉëìäíë=Ñêçã=
íÜÉ=^äÉñ~=NMMIMMM=roi=Åä~ëëáÑáÅ~íáçå=íÉëíK=qÜáë=íÉëí=ëÜçïÉÇ=íÜ~í=íÜÉ=tÉÄJ
ëÉåëÉ=Åä~ëëáÑáÉÇ=VTKNB=çÑ=íÜÉ=íçé=NMMIMMM=ãçëí=îáëáíÉÇ=tÉÄ=ëáíÉë=çå=íÜÉ=
fåíÉêåÉí=E~ë=äáëíÉÇ=Äó=íÜÉ=^äÉñ~=NMMIMMM=roi=äáëíFI=ïÜáäÉ=ÅçãéÉíáåÖ=îÉåÇçêë=
Åä~ëëáÑáÉÇ=ÄÉíïÉÉå=VOB=íç=VQBK=EpÉÉ=cáÖìêÉ=PKF=
«=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========T
8. T
T H
H E
E
WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting
TOLLY Secure Web Gateways
GROU P
Web 2.0 Detection Accuracy Effectiveness
98.9
Percent of detection accuracy (%)
NMM
TR
RM 40.2
OR
11.1 11
1.8
M
Websense BlueCoat Cisco Secure Trend
Computing Micro
Note: All URLs tested were sourced from the Websense ThreatSeeker network, within
six to 24 hours of the testing window.
Source: The Tolly Group, November 2008 Figure 2
qÉëíë=~äëç=ëÜçïÉÇ=tÉÄëÉåëÉÛë=ëìéÉêáçê=~Äáäáíó=íç=Åä~ëëáÑó=íÜÉ=Úìåâåçïå=
tÉÄÛ=EêÉÑÉêêÉÇ=íç=~ë=íÜÉ=ÚiçåÖ=q~áäÛ=çÑ=íÜÉ=fåíÉêåÉíF=íóéáÅ~ääó=ÅçåëáëíáåÖ=çÑ=
àìåâI=éÉêëçå~ä=çê=ëÅ~ã=tÉÄ=ëáíÉëI=çê=íÜÉ=ãáääáçåë=çÑ=åÉï=tÉÄ=ëáíÉë=ÅêÉ~íÉÇ=
ÉîÉêó=Ç~óK=mêçÇìÅíë=ëçäÉäó=êÉäóáåÖ=çå=tÉÄ=êÉéìí~íáçåJÄ~ëÉÇ=Åä~ëëáÑáÅ~íáçå=çê=
íê~Çáíáçå~ä=roi=Ç~í~Ä~ëÉë=Å~ååçí=~ÇÉèì~íÉäó=âÉÉé=ìé=ïáíÜ=íÜÉ=ÇÉã~åÇ=íç=
Åä~ëëáÑó=tÉÄ=ëáíÉë=áå=íÜÉ=içåÖ=q~áä=çÑ=íÜÉ=fåíÉêåÉíK=tÉÄëÉåëÉ=ÇÉãçåëíê~íÉÇ=
áíë=ëíêÉåÖíÜ=áå=êÉ~äJíáãÉ=Åä~ëëáÑáÅ~íáçå=çÑ=tÉÄ=ÅçåíÉåí=Äó=Å~íÉÖçêáòáåÖ=VVKVB=
çÑ=íÜÉ=NUIRUM=äáîÉ=roië=ëçìêÅÉÇ=Ñêçã=íÜÉ=içåÖ=q~áäK=få=Åçåíê~ëíI=íÜÉ=ÅçãJ
éÉíáåÖ=îÉåÇçêë=Åä~ëëáÑáÉÇ=ÄÉíïÉÉå=PSB=~åÇ=TMBK
få=íÉëíë=ÑçÅìëáåÖ=çå=ÇÉíÉÅíáåÖ=~åÇ=ÄäçÅâáåÖ=roië=äÉ~ÇáåÖ=íç=mÜáëÜáåÖ=~åÇLçê=
mêçñó=~îçáÇ~åÅÉ=tÉÄ=ëáíÉëI=tÉÄëÉåëÉ=çåÅÉ=~Ö~áå=ÇÉíÉÅíÉÇ=VUKPB=çÑ=íÜÉ=
OIPMO=äáîÉ=roiëI=ïÜáäÉ=íÜÉ=ÅçãéÉíáåÖ=îÉåÇçêë=ÇÉíÉÅíÉÇ=ÄÉíïÉÉå=TMB=~åÇ=
UUBK=páãáä~êäóI=áå=íÉëíë=ïáíÜ=PTV=roië=Åçåí~áåáåÖ=Äáå~êó=Éñéäçáíë=çê=ÅçãJ
éêçãáëÉ=ÅçÇÉI=tÉÄëÉåëÉ=ÄäçÅâÉÇ=VVB=çÑ=roiëI=îÉêëìë=çíÜÉê=îÉåÇçêë=ïÜç=
ÄäçÅâÉÇ=ÄÉíïÉÉå=RPB=íç=VNBK=^äëçI=çå=íÉëíë=ïáíÜ=USR=roië=ÜçëíáåÖ=j~äJ
«=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========U
9. T
T H
H E
E
WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting
TOLLY Secure Web Gateways
GROU P
ï~êÉI=tÉÄëÉåëÉ=ÄäçÅâÉÇ=VUKQB=ïÜáäÉ=çíÜÉê=îÉåÇçêë=ÄäçÅâÉÇ=ÄÉíïÉÉå=SRB=
~åÇ=~êçìåÇ=VSBK=EpÉÉ=cáÖìêÉ=PKF
Web 2.0 Accuracy and Coverage Test Results
Source: The Tolly Group, November 2008 Figure 3
Manageability and Scalability
oÉÇìÅÉÇ=~Çãáåáëíê~íáçå=çîÉêÜÉ~Ç=áë=çåÉ=çÑ=íÜÉ=íçé=ÅçåÅÉêåë=çÑ=ëÉÅìêáíó=
~Çãáåáëíê~íçêëK=qÜÉ=êÉéçêí=ÉãéÜ~ëáòÉë=íÜÉ=áãéçêí~åÅÉ=çÑ=~å=ÉÑÑÉÅíáîÉ=í~ëâJ
çêáÉåíÉÇ=Öê~éÜáÅ~ä=ìëÉê=áåíÉêÑ~ÅÉ=EdrfF=~åÇ=ÅçãéêÉÜÉåëáîÉ=ã~å~ÖÉãÉåí=
áåíÉêÑ~ÅÉ=íç=äçïÉê=íçí~ä=Åçëí=çÑ=çïåÉêëÜáéK
qçääó=dêçìé=Ü~åÇëJçå=íÉëíáåÖ=ëÜçïë=íÜ~í=tÉÄëÉåëÉ=êÉÅÉáîÉ=~=ã~ñáãìã=
ëÅçêÉ=çÑ= QÒ=Ñçê=ÑáîÉ=çÑ=íÜÉ=ÉáÖÜí=ã~å~ÖÉãÉåí=áåíÉêÑ~ÅÉ=ÅêáíÉêá~=êÉîáÉïÉÇ=Äó=
ÉåÖáåÉÉêëK=låäó=çåÉ=çíÜÉê=éêçÇìÅí=Ü~Ç=íïç= QëÒ=Ñçê=áíë=ã~å~ÖÉãÉåí=áåíÉêJ
Ñ~ÅÉK=lÑ=é~êíáÅìä~ê=åçíÉ=ï~ë=tÉÄëÉåëÉÛë=êÉ~äJíáãÉ=ÉîÉåí=Ç~ëÜÄç~êÇ=ïáíÜ=
~Åíáçå~ÄäÉ=~äÉêíë=ïÜáÅÜ=Éå~ÄäÉë=ê~éáÇ=ÉîÉåí=áÇÉåíáÑáÅ~íáçå=~åÇ=éêç~ÅíáîÉ=áåJ
«=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========V
10. T
T H
H E
E
WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting
TOLLY Secure Web Gateways
GROU P
ÅáÇÉåí=êÉëéçåëÉK=tÉÄëÉåëÉ=~äëç=ï~ë=Öê~ÇÉÇ=~= QÒ=Ñçê=áíë=Åìëíçãáò~ÄäÉ=
Ç~ëÜÄç~êÇ=îáÉïëK=tÉÄëÉåëÉ=~äëç=É~êåÉÇ= QëÒ=Ñçê=Öê~åìä~ê=êçäÉJÄ~ëÉÇ=
Management and Scalability Scoring
Source: The Tolly Group, November 2008 Figure 4
«=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========NM
11. T
T H
H E
E
WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting
TOLLY Secure Web Gateways
GROU P
~Çãáåáëíê~íáçåI=~ìíçã~íÉÇ=~äÉêíáåÖI=~Çî~åÅÉÇ=ÜÉäéI=ÅÉåíê~äáòÉÇ=ã~å~ÖÉJ
ãÉåí=çÑ=ãìäíáéäÉ=~ééäá~åÅÉë=~åÇ=å~íáîÉ=äç~Ç=Ä~ä~åÅáåÖL~ÅíáîÉ=ÅäìëíÉêáåÖK=få=
íçí~äI=áí=É~êåÉÇ=QM=éçáåíëI=îÉêëìë=PN=Ñçê=íÜÉ=åÉ~êÉëí=ÅçãéÉíáíçêK=EpÉÉ=cáÖìêÉ=
QKF=
Policy Interface
^åó=éçäáÅó=áåíÉêÑ~ÅÉë=ëÜçìäÇ=ÄÉ=É~ëó=íç=ìëÉI=áåíìáíáîÉ=Ñçê=åçåJíÉÅÜåáÅ~ä=éÉêJ
ëçååÉä=~åÇ=ìëÉêJÑêáÉåÇäóK=eÉêÉI=íççI=tÉÄëÉåëÉ=êÉÅÉáîÉ= QëÒ=Ñçê=Ñçìê=çÑ=íÜÉ=
ëÉîÉå=ÅêáíÉêá~=êÉîáÉïÉÇ=~åÇ=ï~ë=íÜÉ=çåäó=ëÉÅìêÉ=Ö~íÉï~ó=îÉåÇçê=íç=êÉÅÉáîÉ=
íÜÉ=ÜáÖÜÉëí=ã~êâ=éçëëáÄäÉ=Ñçê=éçäáÅó=áåíÉêÑ~ÅÉëK
tÉÄëÉåëÉ=êÉÅÉáîÉÇ=íÜÉ=ÜáÖÜ=Öê~ÇÉë=Ñçê=íÜÉ=~Äáäáíó=íç=çÑÑÉê=~=ëáåÖäÉ=é~ÖÉ=
îáÉï=çÑ=éçäáÅó=ëí~íÉãÉåíëI=êÉìë~ÄäÉ=éçäáÅó=çÄàÉÅíëI=íÜÉ=~Äáäáíó=íç=ãçÇáÑó=áåJ
ÜÉêáíÉÇ=éçäáÅáÉë=~åÇ=Ñçê=êÉéçêíáåÖ=Äó=éçäáÅó=íóéÉI=ïÜáÅÜ=áë=ÉëëÉåíá~ä=áå=ÇÉíÉêJ
ãáåáåÖ=Åçãéäá~åÅÉ=íç=~=éçäáÅóK=lîÉê~ääI=tÉÄëÉåëÉ=É~êåÉÇ=~=ëÅçêÉ=çÑ=OOI=
îÉêëìë=áíë=åÉñí=åÉ~êÉëí=êáî~ä=ïáíÜ=~=ëÅçêÉ=çÑ=NQK=EpÉÉ=cáÖìêÉ=RKF
«=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========NN
12. T
T H
H E
E
WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting
TOLLY Secure Web Gateways
GROU P
Policy Interface Scoring
Source: The Tolly Group, November 2008 Figure 5
«=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========NO
13. T
T H
H E
E
WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting
TOLLY Secure Web Gateways
GROU P
Reporting Capabilities
oÉéçêíáåÖ=Å~é~ÄáäáíáÉë=Ü~îÉ=ÉãÉêÖÉÇ=~ë=~å=ÉëëÉåíá~ä=ÅçãéçåÉåí=çÑ=pÉÅìêÉ=
tÉÄ=Ö~íÉï~óë=ÄÉÅ~ìëÉ=íÜÉó=ÄêáÇÖÉ=íÜÉ=íÉÅÜåáÅ~ä=ïçêäÇ=ïáíÜ=íÜÉ=ÄìëáåÉëë=
ëáÇÉ=çÑ=íÜÉ=Åçãé~åóK=_ìëáåÉëë=ìëÉêë=ÇçåÛí=Ü~îÉ=íáãÉ=íç=ï~ÇÉ=íÜêçìÖÜ=ÖçÄë=
çÑ=íÉÅÜåáÅ~ä=Ç~í~I=Äìí=áåëíÉ~Ç=ï~åí=ëìãã~êó=áåÑç=Ü~êîÉëíÉÇ=~åÇ=éêÉëÉåíÉÇ=
áå=~å=É~ëó=íç=Ñçääçï=Ñçêã~íK=
tÉÄëÉåëÉ=êÉÅÉáîÉ=íÜÉ=ã~ñáãìã=ëÅçêÉ=çÑ= QÒ=áå=ÉáÖÜí=çÑ=åáåÉ=~î~áä~ÄäÉ=
Å~íÉÖçêáÉëI=ïÜáäÉ=êáî~ä=éêçÇìÅíë=ëÅçêÉÇ=~=N=çê=O=áå=ãçëí=Å~íÉÖçêáÉëK
tÉÄëÉåëÉ=É~êåÉÇ=~=ëÅçêÉ=çÑ=PRI=ïÜáäÉ=íÜÉ=åÉñí=ÅçãéÉíáåÖ=éêçÇìÅí=
êÉÅÉáîÉÇ=~=OOK=tÉÄëÉåëÉ=êÉÅÉáîÉÇ=ÜáÖÜ=Öê~ÇÉë=Ñçê=íÜÉ=äÉîÉä=çÑ=ÄìëáåÉëë=
çêáÉåíÉÇ=êÉéçêíë=çÑÑÉêÉÇI=íÜÉ=èìáÅâ=~ÅÅÉëë=íççäë=~î~áä~ÄäÉ=íç=ÖÉí=~í=Ç~í~K=^ÇJ
Çáíáçå~ääóI=êÉ~äJíáãÉ=êÉéçêíë=~åÇ=ÑçêÉåëáÅ=êÉéçêíë=~êÉ=~î~áä~ÄäÉ=EpÉÉ=cáÖìêÉ=
SKF
«=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========NP
14. T
T H
H E
E
WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting
TOLLY Secure Web Gateways
GROU P
Reporting Scores
Source: The Tolly Group, November 2008 Figure 6
«=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========NQ
15. T
T H
H E
E
WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting
TOLLY Secure Web Gateways
GROU P
URL Filtering
qÜÉ=~Äáäáíó=íç=Åçåíêçä=~åÇ=ãçåáíçê=tÉÄ=ìë~ÖÉ=Äó=ÉãéäçóÉÉë=áë=ÄÉÅçãáåÖ=~=
åÉÅÉëëáíó=Ñçê=Åçãé~åáÉëK=qÜÉ=~Äáäáíó=íç=ÉåÑçêÅÉ=Åçêéçê~íÉ=éçäáÅó=åçí=àìëí=
ïÜáäÉ=íÜÉ=ÉãéäçóÉÉë=~êÉ=çå=éêÉãáëÉëI=Äìí=~äëç=ïÜáäÉ=çÑÑJéêÉãáëÉë=ÄÉÅçãÉë=
î~äì~ÄäÉ=~ë=ÉãéäçóÉÉë=~êÉ=ÄÉÅçãáåÖ=áåÅêÉ~ëáåÖäó=ãçÄáäÉK
tÉÄëÉåëÉ=çåÅÉ=~Ö~áå=çÑÑÉêÉÇ=éçïÉêÑìä=~åÇ=ÑäÉñáÄäÉ=íççäë=íç=Öê~åìä~êäó=ÅçåJ
íêçä=íÜÉ=tÉÄ=~ÅÅÉëë=çÑ=ìëÉêë=ÄçíÜ=çå=~åÇ=çÑÑ=íÜÉ=éêÉãáëÉëX=~åÇ=ëÅçêÉÇ=~=
ã~ñáãìã=éçëëáÄäÉ=NO=éçáåíë=~Åêçëë=íÜêÉÉ=~êÉ~ë=Éî~äì~íÉÇK=EpÉÉ=cáÖìêÉ=TKF=
qÜÉ=åÉñí=ÅäçëÉëí=ÅçãéÉíáíçê=éêçÇìÅí=ëÅçêÉÇ=~=V=ïáíÜ=íÜÉ=êÉëí=ëÅçêáåÖ=Q=É~ÅÜK
URL Filtering Feature Scoring
Source: The Tolly Group, November 2008 Figure 7
«=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========NR
16. T
T H
H E
E
WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting
TOLLY Secure Web Gateways
GROU P
Malware Filtering
tÜáäÉ=roi=ÑáäíÉêáåÖ=áë=~=ëí~éäÉ=çÑ=~åó=ëÉÅìêÉ=tÉÄ=Ö~íÉï~óI=ã~äï~êÉ=ÑáäíÉêáåÖ=
áë=Ñ~ëí=Å~íÅÜáåÖ=çå=~ë=~=ÅêáíáÅ~ä=ÑìåÅíáçåK=sáêìë=ÇÉíÉÅíáçå=~åÇ=
êÉãçî~ä=áå=Ö~íÉï~óë=áë=ÅêáíáÅ~ä=~ë=ãçêÉ=ã~äï~êÉ=ãçîÉë=íç=~=tÉÄ=ÇáëíêáÄìJ
íáçå=ãÉíÜçÇ=~åÇ=ÉåÇéçáåí=éêçíÉÅíáçå=ëíêìÖÖäÉë=íç=âÉÉé=é~ÅÉ=ïáíÜ=íÜÉ=îçäìãÉ=
çÑ=íÜêÉ~íëK=
eÉêÉI=qÜÉ=qçääó=dêçìé=ÉåÖáåÉÉêë=ÅçåÇìÅíÉÇ=~=Ü~åÇëJçå=íÉëí=çÑ=ÅÉêí~áå=ÑÉ~J
íìêÉëI=ïÜáäÉ=~ëëáÖåáåÖ=ëìÄàÉÅíáîÉ=ëÅçêÉë=íç=íÜÉ=éêçÇìÅíëÛ=~êÅÜáíÉÅíìêÉ=~åÇ=
ÉîÉåí=~äÉêíë=Å~é~ÄáäáíáÉëK
tÉÄëÉåëÉ=~ÅÜáÉîÉÇ=~=VUKQB=ëÅçêÉ=Ñçê=ÇÉíÉÅíáçå=~ÅÅìê~Åó=çÑ=ã~äï~êÉ=Ñçê=
USR=ëáíÉë=ÜçëíáåÖ=ã~äáÅáçìë=ÑáäÉëK=líÜÉê=îÉåÇçêë=ê~åÖÉÇ=Ñêçã=SRB=íç=VSB=
ã~äï~êÉ=ÇÉíÉÅíáçå=~ÅÅìê~ÅóK=EpÉÉ=cáÖìêÉ=UKF
tÉÄëÉåëÉ=~äëç=ï~ë=ëìÅÅÉëëÑìä=~í=ÇÉíÉÅíáåÖ=~åÇ=~îçáÇáåÖ=éÜáëÜáåÖ=~åÇ=
éêçñó=ëáíÉë=VUKPB=çÑ=íÜÉ=íáãÉI=îÉêëìë=TMB=íç=UUB=Ñçê=çíÜÉê=éêçÇìÅíë=íÉëíÉÇK=
^åÇ=tÉÄëÉåëÉ=ï~ë=ëìÅÅÉëëÑìä=VVB=çÑ=íÜÉ=íáãÉ=~í=ÇÉíÉÅíáåÖ=~åÇ=~îçáÇáåÖ=
ëáíÉë=ïáíÜ=ã~äáÅáçìë=Éñéäçáíë=çê=ÇêáîÉJÄó=ÑáäÉ=áåëí~ääëK=líÜÉê=éêçÇìÅíë=ïÉêÉ=
ëìÅÅÉëëÑìä=çåäó=RQB=íç=VNB=çÑ=íÜÉ=íáãÉK
tÉÄëÉåëÉ=ï~ë=~äëç=íÜÉ=çåäó=îÉåÇçê=íç=êÉÅÉáîÉ=íÜÉ=ã~ñáãìã=ëÅçêÉ=çÑ= QÒ=
Ñçê=áíë=ëçäìíáçå=~êÅÜáíÉÅíìêÉ=ÇìÉ=íç=áíë=ÜóÄêáÇ=~êÅÜáíÉÅíìêÉK=qÜáë=áë=Ä~ëÉÇ=çå=
d~êíåÉêÛë=ÇáëÅìëëáçå=çÑ=íÜÉ=ÄÉåÉÑáíë=çÑ=~= ÜóÄêáÇÒ=~êÅÜáíÉÅíìêÉ=íÜ~í=ìíáäáòÉë=
éêçñó=íÉÅÜåçäçÖó=Ñçê=Öê~åìä~êáíó=~åÇ=ÇÉí~áäÉÇ=Åçåíêçä=ÅçìéäÉÇ=ïáíÜ=åÉíïçêâ=
ãçåáíçêáåÖ=Å~é~ÄáäáíáÉë=Ñçê=ëÅ~ä~Äáäáíó=~åÇ=Äêç~Ç=ÅçîÉê~ÖÉK
«=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========NS
17. T
T H
H E
E
WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting
TOLLY Secure Web Gateways
GROU P
Malware Detection Scores
Source: The Tolly Group, November 2008 Figure 8
«=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========NT
18. T
T H
H E
E
WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting
TOLLY Secure Web Gateways
GROU P
Application Control
bãÄÉÇÇÉÇ=~ééäáÅ~íáçåJäÉîÉä=Åçåíêçäë=Éå~ÄäÉ=ëÉÅìêáíó=~Çãáåáëíê~íçêë=íç=ÖçîJ
Éêå=íÜÉ=~Ççéíáçå=~åÇ=ìë~ÖÉ=çÑ=tÉÄJÄ~ëÉÇ=~ééäáÅ~íáçåë=ëìÅÜ=~ë=fjI=pâóéÉI=
mOmI=~åÇ=ãçêÉK=qçääó=dêçìé=ÉåÖáåÉÉêë=~ï~êÇÉÇ=íÜÉ=ã~ñáãìã=ëÅçêÉ=çÑ= QÒ=
íç=íÜÉ=tÉÄëÉåëÉ=éêçÇìÅí=áå=Ñçìê=çÑ=íÜÉ=ÑáîÉ=^ééäáÅ~íáçå=`çåíêçä=Å~íÉÖçêáÉë=
Éñ~ãáåÉÇK=EpÉÉ=cáÖìêÉ=VKF=
tÉÄëÉåëÉ=É~êåÉÇ=NV=çìí=çÑ=~=éçëëáÄäÉ=OM=éçáåíëI=ïáíÜ=íÜÉ=åÉñíJåÉ~êÉëí=
ÅçãéÉíáíçê=ÅçãáåÖ=áå=ïáíÜ=~=ëÅçêÉ=çÑ=NNK=tÉÄëÉåëÉ=É~êåÉÇ=ÜáÖÜ=Öê~ÇÉë=Ñçê=
áíë=~Äáäáíó=íç=Å~íÉÖçêáòÉ=~ééäáÅ~íáçåëI=ïÜáÅÜ=É~ëÉë=íÜÉ=ÅêÉ~íáçå=~åÇ=~ÇãáåáJ
ëíê~íáçå=çÑ=éçäáÅáÉëK=fí=~äëç=É~êåÉÇ=~=ã~ñáãìã=ëÅçêÉ=Ñçê=éçäáÅó=ÉåÑçêÅÉãÉåí=
Äó=Å~íÉÖçêóI=ïÜáÅÜ=êÉÇìÅÉë=íÜÉ=ïçêâäç~Ç=~åÇ=íÜÉ=åìãÄÉê=çÑ=ÉêêçêëK=^åÇ=
tÉÄëÉåëÉ=É~êåÉÇ=~=ã~ñáãìã=ëÅçêÉ=Ñçê=Åä~ëëáÑóáåÖ=mOm=~ë=~=ÇáëíáåÅíäó=ÇáÑJ
ÑÉêÉåí=~ééäáÅ~íáçå=íÜ~å=çíÜÉêëI=ëáåÅÉ=áí=éçëÉë==ÖêÉ~íÉê=êáëâë=ÇìÉ=íç=ÑáäÉ=íê~åëJ
ÑÉêëK=
«=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========NU
19. T
T H
H E
E
WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting
TOLLY Secure Web Gateways
GROU P
Application Control Scores
Source: The Tolly Group, November 2008 Figure 9
«=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========NV
20. T
T H
H E
E
WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting
TOLLY Secure Web Gateways
GROU P
Data Loss Protection
tÉÄëÉåëÉ=ëçäìíáçå=ï~ë=íÜÉ=çåäó=éêçÇìÅí=íÉëíÉÇ=íç=É~êå=~=ã~ñáãìã=ëÅçêÉ=áå=
ÉîÉêó=Å~íÉÖçêó=Ñçê=Ç~í~=äçëë=éêçíÉÅíáçåI=Ñçê=~=íçí~ä=çÑ=PO=éçáåíëK=qÜÉ=åÉñí=
åÉ~êÉëí=îÉåÇçê=É~êåÉÇ=NQ=éçáåíëK=EpÉÉ=cáÖìêÉ=NMKF
^ë=íÜÉ=tÉÄ=ÄÉÅçãÉë=ãçêÉ=áåíÉê~ÅíáîÉ=Äó=å~íìêÉI=çêÖ~åáò~íáçåë=~êÉ=ÅçåJ
ÅÉêåÉÇ=~Äçìí=íÜÉ=êáëâ=Ñçê=íÜÉ=äçëë=çÑ=ëÉåëáíáîÉ=Ç~í~K=pÉÅìêÉ=tÉÄ=Ö~íÉï~óë=
ÅçãÄ~í=íÜáë=Äó=çÑÑÉêáåÖ=íÜÉ=~Äáäáíó=íç=ÇÉíÉÅí=åçåJÅçãéäá~åÅÉ=íç=Åçêéçê~íÉ=
~åÇ=êÉÖìä~íçêó=éçäáÅáÉëK=táíÜ=Ñìää=áåíÉÖê~íáçå=ïáíÜ=íÜÉ=tÉÄëÉåëÉ=a~í~=pÉÅìJ
êáíó=pçäìíáçå=çÑÑÉêÉÇI=tÉÄëÉåëÉ=ï~ë=íÜÉ=çåäó=îÉåÇçê=íç=çÑÑÉê=~=éêÉÇÉíÉêJ
ãáåÉÇ=åìãÄÉê=çÑ=íÉãéä~íÉë=íç=Öì~êÇ=~Ö~áåëí=åçåJÅçãéäá~åÅÉI=Ñçê=íÜáåÖë=
ëìÅÜ=~ë=ÅêÉÇáí=Å~êÇë=çê=ëçÅá~ä=ëÉÅìêáíó=åìãÄÉêëK==tÉÄëÉåëÉ=~äëç=ï~ë=ÅáíÉÇ=
Ñçê=áíë=ëíêÉåÖíÜ=~í=ÇÉÉé=ÅçåíÉåí=áåëéÉÅíáçåI=ïÜÉêÉ=çíÜÉê=éêçÇìÅíë=Çç=åçí=
Ü~îÉ=íÜÉ=Å~é~Äáäáíó=çê=~êÉ=ïÉ~â=~í=áíK
e~åÇëJçå=Éñ~ãáå~íáçå=çÑ=íÜÉ=éêçÇìÅíë=ëÜçï=íÜ~í=ëçãÉ=çÑÑÉêáåÖëI=ëìÅÜ=~ë=
_äìÉ`ç~í=mêçñó=pdONM=~åÇ=qêÉåÇ=jáÅêç=fåíÉêëÅ~å=tÉÄ=pÉÅìêáíó=pìáíÉ=Çç=
åçí=çÑÑÉê=~åó=Ç~í~=äçëë=éêÉîÉåíáçå=Ñ~ÅáäáíáÉë=çê=áåíÉÖê~íáçå=çéíáçåëK
«=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========OM
21. T
T H
H E
E
WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting
TOLLY Secure Web Gateways
GROU P
Data Loss Prevention Scores
Source: The Tolly Group, November 2008 Figure 10
«=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========ON
22. T
T H
H E
E
WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting
TOLLY Secure Web Gateways
GROU P
Network Implementation
tÉÄëÉåëÉ=ëÅçêÉÇ=NN=çìí=çÑ=~=éçëëáÄäÉ=OM=éçáåíëI=ÑçääçïáåÖ=pÉÅìêÉ=tÉÄ=
Ñêçã=pÉÅìêÉ=`çãéìíáåÖ=ïÜáÅÜ=ëÅçêÉÇ=NQI=~åÇ=fåíÉêpÅ~å=tÉÄ=pÉÅìêáíó=
pìáíÉ=Ñêçã=qêÉåÇ=jáÅêç=ïÜáÅÜ=ëÅçêÉÇ=NOK=EpÉÉ=cáÖìêÉ=NNKF
qçÇ~óÛë=çêÖ~åáò~íáçåë=êÉèìáêÉ=~=ÑäÉñáÄäÉ=ëçäìíáçå=íÜ~í=Å~å=áåíÉÖê~íÉ=ïáíÜ=íÜÉ=
ïáÇÉ=ê~åÖÉ=çÑ=åÉíïçêâ=íçéçäçÖáÉë=ÅìêêÉåíäó=áå=ìëÉK=tÉÄëÉåëÉ=çÑÑÉêë=ÄçíÜ=
çåJéêÉãáëÉë=~åÇ=Ñìääó=ÜçëíÉÇ=tÉÄ=ëÉÅìêáíó=çéíáçåë=éêçîáÇáåÖ=ÅìëíçãÉê=ïáíÜ=
ãçêÉ=ÅÜçáÅÉë=ïÜÉå=ÇÉëáÖåáåÖ=~=ÇáëíêáÄìíÉÇ=ëçäìíáçåK=pìééçêí=Ñçê=~=Äêç~Ç=
ê~åÖÉ=çÑ=Ü~êÇï~êÉ=~åÇ=ëçÑíï~êÉ=éä~íÑçêãë=Éå~ÄäÉë=É~ëó=áåíÉÖê~íáçå=áåíç=
ãçëí=ÅìëíçãÉê=åÉíïçêâëK=e~êÇï~êÉ=~ééäá~åÅÉë=~êÉ=çÑíÉå=ìëÉÇ=Ñçê=ëã~ääÉê=
áåëí~ää~íáçåë=íÜ~í=ä~Åâ=ÉñéÉêáÉåÅÉÇ=áãéäÉãÉåí~íáçå=ëí~ÑÑI=Äìí=~êÉ=äÉëë=çÑíÉå=
ìëÉÇ=áå=ÉåíÉêéêáëÉ=åÉíïçêâë=Ä~ëÉÇ=çå=íÜÉ=ÜáÖÜÉê=ÅçëíëK
«=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========OO
23. T
T H
H E
E
WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting
TOLLY Secure Web Gateways
GROU P
Delivery and Network Implementation Feature Scores
Source: The Tolly Group, November 2008 Figure 11
«=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========OP
24. T
T H
H E
E
WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting
TOLLY Secure Web Gateways
GROU P
Integration with Other Solutions
fåíÉÖê~íáçå=ïáíÜ=çíÜÉê=éêçÇìÅíëI=ëìÅÜ=~ë=äç~Ç=Ä~ä~åÅÉêëI=éêçñáÉëI=bJã~áä=~åÇ=
çíÜÉê=ëçäìíáçå=ã~ó=åçí=ÄÉ=ÅêáíáÅ~äI=Äìí=ã~ó=óáÉäÇ=ëìÑÑáÅáÉåí=ÄÉåÉÑáíë=íç=ï~êê~åí=
íÜÉ=áåíÉÖê~íáçåK=tÜáäÉ=ãçëí=éêçÇìÅíë=íÉëíÉÇ=É~êåÉÇ=éççê=ëÅçêÉë=Ñçê=áåíÉÖê~J
íáçåI=tÉÄëÉåëÉ=ÉñÅÉääÉÇ=áå=íÜÉ=~êÉ~=çÑ=ÑáêÉï~ääëI=~êÅÜáîáåÖ=~åÇ=aim=ëóëJ
íÉãëK=EpÉÉ=cáÖìêÉ=NOKF
«=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========OQ
25. T
T H
H E
E
WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting
TOLLY Secure Web Gateways
GROU P
Integration Scores
Source: The Tolly Group, November 2008 Figure 12
«=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========OR
26. T
T H
H E
E
WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting
TOLLY Secure Web Gateways
GROU P
Service and support
pÉêîáÅÉ=~åÇ=ëìééçêí=çéíáçåë=~êÉ=~å=áãéçêí~åí=Ñ~Åíçê=íç=ÅçåëáÇÉê=ïÜÉå=ëÉJ
äÉÅíáåÖ=~=ëçäìíáçåK=qÜÉ=èì~äáíó=çÑ=ëÉêîáÅÉ=çÑÑÉêáåÖë=Å~å=î~êó=ïáÇÉäó=~ãçåÖ=
îÉåÇçêëK=_~ëÉÇ=çå=íÜÉ=ëÅçéÉ=çÑ=íÜáë=êÉéçêíI=íÉëíáåÖ=çÑ=íÜÉ=ëÉêîáÅÉ=çéíáçåë=
çÑÑÉêÉÇ=Äó=íÜÉ=îÉåÇçêë=ï~ë=åçí=éÉêÑçêãÉÇI=ëç=~=èì~äáí~íáîÉ=ê~íáåÖ=çÑ=íÜÉ=
îÉåÇçê=ëÉêîáÅÉë=Ü~ë=åçí=ÄÉÉå=éêçîáÇÉÇK=qÜÉ=çÑÑÉêáåÖë=Ñêçã=É~ÅÜ=îÉåÇçê=
Ü~îÉ=ÄÉÉå=ÉåìãÉê~íÉÇ=íç=áåÇáÅ~íÉ=áÑ=íÜÉó=éêçîáÇÉ=íÜÉ=íóéÉë=çÑ=ëìééçêí=çéJ
íáçåë=áåÇáÅ~íÉÇI=ëç=~=ÜáÖÜÉê=ëÅçêÉ=áåÇáÅ~íÉë=~=Äêç~ÇÉê=ê~åÖÉ=çÑ=çÑÑÉêáåÖëI=Äìí=
åçí=åÉÅÉëë~êáäó=~=ëìéÉêáçê=çÑÑÉêáåÖK=EpÉÉ=cáÖìêÉ=NPKF
«=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========OS
27. T
T H
H E
E
WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting
TOLLY Secure Web Gateways
GROU P
Service and Support Scores
Source: The Tolly Group, November 2008 Figure 13
«=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========OT
28. T
T H
H E
E
WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting
TOLLY Secure Web Gateways
GROU P
Test Methodology
Alexa 100,000 URL Filtering/
Classification Test
qÜÉ=Ä~ëáÅ=roi=ÑáäíÉêáåÖ=Å~é~ÄáäáíáÉë=çÑ=É~ÅÜ=ëóëíÉã=ï~ë=íÉëíÉÇ=Äó=ëÅêáéíáåÖ=
ëí~åÇ~êÇ=ïçêâëí~íáçåë=íç=~ÅÅÉëë=~=ë~ãéäÉ=ëÉí=çÑ=NMMIMMM=roië=Ñêçã=íÜÉ=
^äÉñ~=qçé=NMMIMMM=ãçëí=îáëáíÉÇ=tÉÄ=ëáíÉë=íÜêçìÖÜ=íÜÉ=éêçÇìÅí=ìåÇÉê=íÉëíK=
^ää=~î~áä~ÄäÉ=roi=Å~íÉÖçêáÉë=çÑ=Åä~ëëáÑáÅ~íáçå=çå=~=éêçÇìÅí=ïÉêÉ=Éå~ÄäÉÇ=
~åÇ=ÅçåÑáÖìêÉÇ=íç=ÄäçÅâ=~ÅÅÉëë=íç=~åó=roi=ã~íÅÜáåÖ=çåÉ=çÑ=íÜÉ=ÇÉÑáåÉÇ=ÑáäJ
íÉêáåÖ=Å~íÉÖçêáÉëK=fÑ=~=roi=ï~ë=Åä~ëëáÑáÉÇ=ìåÇÉê=~åó=Å~íÉÖçêó=~î~áä~ÄäÉ=çå=
íÜÉ=éêçÇìÅíI=íÜÉ=roi=ï~ë=ÄäçÅâÉÇK=fÑ=íÜÉ=roi=ÅçìäÇ=åçí=ÄÉ=Åä~ëëáÑáÉÇ=ìåÇÉê=
~åó=~î~áä~ÄäÉ=Å~íÉÖçêóI=íÜÉ=éêçÇìÅí=ìåÇÉê=íÉëí=ï~ë=ÅçåÑáÖìêÉÇ=íç=ÖÉåÉê~íÉ=
~å=~äÉêíK=qÜÉ=äçÖë=çÑ=É~ÅÜ=ÇÉîáÅÉ=ïÉêÉ=íÜÉå=ÅçêêÉä~íÉÇ=ïáíÜ=íÜÉ=ë~ãéäÉ=ëÉí=
íç=~êêáîÉ=~í=íÜÉ=ÇÉîáÅÉÛë=ëÅçêÉK=^ë=äçåÖ=~ë=~=roi=ï~ë=Åä~ëëáÑáÉÇ=ìåÇÉê=~å=
ÉñáëíáåÖ=Å~íÉÖçêó=çÑ=Åä~ëëáÑáÅ~íáçå=çå=íÜÉ=éêçÇìÅíI=íÜÉ=êÉëìäí=ï~ë=ÅçåëáÇÉêÉÇ=
î~äáÇK=qÜÉ=êÉëìäíáåÖ=ëÅçêÉ=Ü~ë=ÄÉÉå=êÉÅçêÇÉÇ=~ë=íÜÉ=éÉêÅÉåí~ÖÉ=çÑ=roië=
ëìÅÅÉëëÑìääó=Å~íÉÖçêáòÉÇ=çê=ÑáäíÉêÉÇ=~Ö~áåëí=íÜÉ=ë~ãéäÉ=ëÉíK=qÉëíë=ïÉêÉ=êÉJ
éÉ~íÉÇ=íïáÅÉ=íç=ÉåëìêÉ=êÉéÉ~í~Äáäáíó=~åÇ=íÜÉ=êÉëìäíë=~îÉê~ÖÉÇK=
“Long Tail” or Extended URL
Classification Test
cçê=íÜáë=íÉëíI=ÉåÖáåÉÉêë=ìëÉÇ=~=ëÉí=çÑ=NUIRUM=roië=çÄí~áåÉÇ=Ñêçã=íÜÉ=tÉÄJ
ëÉåëÉ=qÜêÉ~ípÉÉâÉê=åÉíïçêâK=qÜÉ=roië=ïÉêÉ=ÅÜçëÉå=Ñêçã=~=éççä=çÑ=roië=
ëìÄãáííÉÇ=íç=íÜÉ=qÜêÉ~ípÉÉâÉê=åÉíïçêâ=Ñçê=Åä~ëëáÑáÅ~íáçå=Äó=ÉåÇJìëÉêë=
~êçìåÇ=íÜÉ=ïçêäÇK=qÜÉ=roië=ïÉêÉ=ÅçääÉÅíÉÇ=Ñêçã=íÜÉ=éççä=ïáíÜáå=ëáñ=íç=OQ=
Üçìêë=çÑ=íÜÉ=íÉëíáåÖ=ïáåÇçïI=íç=ÉåëìêÉ=íÜ~í=íÜÉ=roië=íÉëíÉÇ=ïçìäÇ=ÄÉ=äáîÉ=
çå=íÜÉ=fåíÉêåÉíK=låÅÉ=~Ö~áåI=ÉåÖáåÉÉêë=Éå~ÄäÉÇ=~ää=~î~áä~ÄäÉ=roi=Åä~ëëáÑáÅ~J
íáçå=Å~íÉÖçêáÉë=~î~áä~ÄäÉ=çå=éêçÇìÅíë=ìåÇÉê=íÉëíI=~åÇ=îÉêáÑáÉÇ=íÜÉ=äçÖë=çÑ=
É~ÅÜ=ÇÉîáÅÉ=íç=çÄí~áå=íÜÉ=åìãÄÉê=çÑ=Åä~ëëáÑáÉÇ=~åÇ=åìãÄÉê=çÑ=ãáëëÉÇ=roiëK= =
fÑ=~=roi=ï~ë=Åä~ëëáÑáÉÇ=ìåÇÉê=çåÉ=çÑ=íÜÉ=Éå~ÄäÉÇ=Å~íÉÖçêáÉë=çå=íÜÉ=éêçÇìÅíI=
íÜÉ=roi=ï~ë=ÄäçÅâÉÇK=fÑ=íÜÉ=roi=ÅçìäÇ=åçí=ÄÉ=Åä~ëëáÑáÉÇ=ìåÇÉê=~åó=Éå~ÄäÉÇ=
Å~íÉÖçêóI=íÜÉ=éêçÇìÅí=ìåÇÉê=íÉëí=ï~ë=ÅçåÑáÖìêÉÇ=íç=ÖÉåÉê~íÉ=~å=~äÉêíK=båÖáJ
åÉÉêë=íÜÉå=Å~äÅìä~íÉÇ=íÜÉ=ÇÉíÉÅíáçå=~ÅÅìê~Åó=çÑ=íÜÉ=éêçÇìÅí=~ë=íÜÉ=ê~íáç=çÑ=
~ää=roië=ëìÅÅÉëëÑìääó=Åä~ëëáÑáÉÇ=çìí=çÑ=íÜÉ=íçí~ä=roië=íêáÉÇK=qÜÉ=êÉëìäíáåÖ=
«=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========OU
29. T
T H
H E
E
WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting
TOLLY Secure Web Gateways
GROU P
ëÅçêÉ=Ü~ë=ÄÉÉå=êÉÅçêÇÉÇ=~ë=íÜÉ=éÉêÅÉåí~ÖÉ=ëìÅÅÉëëÑìääó=Å~íÉÖçêáòÉÇ=çê=ÑáäJ
íÉêÉÇ=~Ö~áåëí=íÜÉ=ë~ãéäÉ=ëÉíK=qÉëíë=ïÉêÉ=êÉéÉ~íÉÇ=íïáÅÉ=íç=ÉåëìêÉ=êÉéÉ~íJ
~Äáäáíó=~åÇ=íÜÉ=êÉëìäíë=~îÉê~ÖÉÇK
Phishing and/or Proxy Avoidance URL
Detection Accuracy Test
cçê=íÜáë=íÉëíI=ÉåÖáåÉÉêë=ìëÉÇ=~=ëÉí=çÑ=OIPMO=roië=çÄí~áåÉÇ=Ñêçã=íÜÉ=tÉÄJ
ëÉåëÉ=qÜêÉ~ípÉÉâÉê=åÉíïçêâK=qÜÉ=roië=ïÉêÉ=ÅÜçëÉå=Ñêçã=~=éççä=çÑ=roië=
ÇÉíÉÅíÉÇ=Äó=íÜÉ=qÜêÉ~ípÉÉâÉê=åÉíïçêâ=~êçìåÇ=íÜÉ=ïçêäÇ=~ë=roië=çÑ=tÉÄ=
ëáíÉë=Åçåí~áåáåÖ=mÜáëÜáåÖ=Éñéäçáíë=çê=Ñ~Åáäáí~íÉÇ=mêçñó=^îçáÇ~åÅÉK=
qÜÉ=roië=ïÉêÉ=ÅçääÉÅíÉÇ=Ñêçã=íÜÉ=éççä=ïáíÜáå=ëáñ=Üçìêë=çÑ=íÜÉ=íÉëíáåÖ=ïáåJ
ÇçïI=íç=ÉåëìêÉ=íÜ~í=íÜÉ=roië=íÉëíÉÇ=ïçìäÇ=ÄÉ=äáîÉ=çå=íÜÉ=fåíÉêåÉíK=låÅÉ=
~Ö~áåI=ÉåÖáåÉÉêë=Éå~ÄäÉÇ=~ää=roi=Åä~ëëáÑáÅ~íáçå=Å~íÉÖçêáÉë=êÉä~íÉÇ=íç=mÜáëÜJ
áåÖ=~åÇ=mêçñó=^îçáÇ~åÅÉ=Å~íÉÖçêáÉë=~î~áä~ÄäÉ=çå=éêçÇìÅíë=ìåÇÉê=íÉëíI=~åÇ=
îÉêáÑáÉÇ=íÜÉ=äçÖë=çÑ=É~ÅÜ=ÇÉîáÅÉ=íç=çÄí~áå=íÜÉ=åìãÄÉê=çÑ=Åä~ëëáÑáÉÇ=~åÇ=åìãJ
ÄÉê=çÑ=ãáëëÉÇ=roiëK=fÑ=~=roi=ï~ë=Åä~ëëáÑáÉÇ=ìåÇÉê=çåÉ=çÑ=íÜÉ=Å~íÉÖçêáÉë=
Éå~ÄäÉÇ=çå=íÜÉ=éêçÇìÅíI=íÜÉ=roi=ï~ë=ÄäçÅâÉÇK=fÑ=íÜÉ=roi=ÅçìäÇ=åçí=ÄÉ=
Åä~ëëáÑáÉÇ=ìåÇÉê=~åó=Éå~ÄäÉÇ=Å~íÉÖçêóI=íÜÉ=éêçÇìÅí=ìåÇÉê=íÉëí=ï~ë=ÅçåÑáÖJ
ìêÉÇ=íç=ÖÉåÉê~íÉ=~å=~äÉêíK=båÖáåÉÉêë=íÜÉå=Å~äÅìä~íÉÇ=íÜÉ=ÇÉíÉÅíáçå=~ÅÅìê~Åó=
~ë=íÜÉ=éÉêÅÉåí~ÖÉ=çÑ=roië=ëìÅÅÉëëÑìääó=Å~íÉÖçêáòÉÇ=çê=ÑáäíÉêÉÇ=çìí=çÑ=íÜÉ=
ë~ãéäÉ=ëÉíK=qÉëíë=ïÉêÉ=êÉéÉ~íÉÇ=íïáÅÉ=íç=ÉåëìêÉ=êÉéÉ~í~Äáäáíó=~åÇ=íÜÉ=êÉJ
ëìäíë=~îÉê~ÖÉÇK
Binary Exploits and Compromises
Detection Accuracy Test
cçê=íÜáë=íÉëíI=ÉåÖáåÉÉêë=ìëÉÇ=~=ëÉí=çÑ=PTV=roië=çÄí~áåÉÇ=Ñêçã=íÜÉ=tÉÄJ
ëÉåëÉ=qÜêÉ~ípÉÉâÉê=åÉíïçêâK=qÜÉ=roië=ïÉêÉ=ÅÜçëÉå=Ñêçã=~=éççä=çÑ=roië=
ÇÉíÉÅíÉÇ=Äó=íÜÉ=qÜêÉ~ípÉÉâÉê=åÉíïçêâ=~êçìåÇ=íÜÉ=ïçêäÇ=~ë=roië=çÑ=tÉÄ=
ëáíÉë=Åçåí~áåáåÖ=_áå~êó=Éñéäçáíë=çê=ÅçãéêçãáëÉëK=
qÜÉ=roië=ïÉêÉ=ÅçääÉÅíÉÇ=Ñêçã=íÜÉ=éççä=ïáíÜáå=ëáñ=Üçìêë=çÑ=íÜÉ=íÉëíáåÖ=ïáåJ
ÇçïI=íç=ÉåëìêÉ=íÜ~í=íÜÉ=roië=íÉëíÉÇ=ïçìäÇ=ÄÉ=äáîÉ=çå=íÜÉ=fåíÉêåÉíK=låÅÉ=
~Ö~áåI=ÉåÖáåÉÉêë=Éå~ÄäÉÇ=~ää=roi=Åä~ëëáÑáÅ~íáçå=Å~íÉÖçêáÉë=êÉä~íÉÇ=íç=_áå~êó=
Éñéäçáíë=~åÇ=ÅçãéêçãáëÉë=Å~íÉÖçêáÉë=~î~áä~ÄäÉ=çå=éêçÇìÅíë=ìåÇÉê=íÉëíK=fÑ=~=
roi=ï~ë=Åä~ëëáÑáÉÇ=ìåÇÉê=çåÉ=çÑ=íÜÉ=Å~íÉÖçêáÉë=Éå~ÄäÉÇ=çå=íÜÉ=éêçÇìÅíI=íÜÉ=
«=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========OV
30. T
T H
H E
E
WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting
TOLLY Secure Web Gateways
GROU P
roi=ï~ë=ÄäçÅâÉÇK=fÑ=íÜÉ=roi=ÅçìäÇ=åçí=ÄÉ=Åä~ëëáÑáÉÇ=ìåÇÉê=~åó=Éå~ÄäÉÇ=
Å~íÉÖçêóI=íÜÉ=éêçÇìÅí=ìåÇÉê=íÉëí=ï~ë=ÅçåÑáÖìêÉÇ=íç=ÖÉåÉê~íÉ=~å=~äÉêíK=båÖáJ
åÉÉêë=íÜÉå=Å~äÅìä~íÉÇ=íÜÉ=ÇÉíÉÅíáçå=~ÅÅìê~Åó=çÑ=íÜÉ=éêçÇìÅí=~ë=íÜÉ=éÉêÅÉåíJ
~ÖÉ=ëìÅÅÉëëÑìääó=Å~íÉÖçêáòÉÇ=çê=ÑáäíÉêÉÇ=çìí=çÑ=íÜÉ=ë~ãéäÉ=ëÉíK=qÉëíë=ïÉêÉ=
êÉéÉ~íÉÇ=íïáÅÉ=íç=ÉåëìêÉ=êÉéÉ~í~Äáäáíó=~åÇ=íÜÉ=êÉëìäíë=~îÉê~ÖÉÇK=
Malware-infected URL Detection
Accuracy Test
cçê=íÜáë=íÉëíI=ÉåÖáåÉÉêë=ìëÉÇ=~=ëÉí=çÑ=USR=roië=çÄí~áåÉÇ=Ñêçã=íÜÉ=tÉÄJ
ëÉåëÉ=qÜêÉ~ípÉÉâÉê=åÉíïçêâK=qÜÉ=roië=ïÉêÉ=ÅÜçëÉå=Ñêçã=~=éççä=çÑ=roië=
ÇÉíÉÅíÉÇ=Äó=íÜÉ=qÜêÉ~ípÉÉâÉê=åÉíïçêâ=~êçìåÇ=íÜÉ=ïçêäÇ=~ë=roië=çÑ=tÉÄ=
ëáíÉë=Åçåí~áåáåÖ=ã~äï~êÉ=Eã~äáÅáçìë=ÅçÇÉ=çê=~ééäáÅ~íáçåëFK=
qÜÉ=roië=ïÉêÉ=ÅçääÉÅíÉÇ=Ñêçã=íÜÉ=éççä=ïáíÜáå=ëáñ=Üçìêë=çÑ=íÜÉ=íÉëíáåÖ=ïáåJ
ÇçïI=íç=ÉåëìêÉ=íÜ~í=íÜÉ=roië=íÉëíÉÇ=ïçìäÇ=ÄÉ=äáîÉ=çå=íÜÉ=fåíÉêåÉíK=låÅÉ=
~Ö~áåI=ÉåÖáåÉÉêë=Éå~ÄäÉÇ=~ää=roi=Åä~ëëáÑáÅ~íáçå=Å~íÉÖçêáÉë=êÉä~íÉÇ=íç=ã~äJ
ï~êÉ=_áå~êó=Éñéäçáíë=~åÇ=ÅçãéêçãáëÉë=Å~íÉÖçêáÉë=~î~áä~ÄäÉ=çå=éêçÇìÅíë=
ìåÇÉê=íÉëíK=fÑ=~=roi=ï~ë=Åä~ëëáÑáÉÇ=ìåÇÉê=çåÉ=çÑ=íÜÉ=Å~íÉÖçêáÉë=Éå~ÄäÉÇ=çå=
íÜÉ=éêçÇìÅíI=íÜÉ=roi=ï~ë=ÄäçÅâÉÇK=fÑ=íÜÉ=roi=ÅçìäÇ=åçí=ÄÉ=Åä~ëëáÑáÉÇ=ìåÇÉê=
~åó=Éå~ÄäÉÇ=Å~íÉÖçêóI=íÜÉ=éêçÇìÅí=ìåÇÉê=íÉëí=ï~ë=ÅçåÑáÖìêÉÇ=íç=ÖÉåÉê~íÉ=
~å=~äÉêíK=båÖáåÉÉêë=íÜÉå=Å~äÅìä~íÉÇ=íÜÉ=ÇÉíÉÅíáçå=~ÅÅìê~Åó=çÑ=íÜÉ=éêçÇìÅí=~ë=
íÜÉ=éÉêÅÉåí~ÖÉ=ëìÅÅÉëëÑìääó=Å~íÉÖçêáòÉÇ=çê=ÑáäíÉêÉÇ=çìí=çÑ=íÜÉ=ë~ãéäÉ=ëÉíK=
qÉëíë=ïÉêÉ=êÉéÉ~íÉÇ=íïáÅÉ=íç=ÉåëìêÉ=êÉéÉ~í~Äáäáíó=~åÇ=íÜÉ=êÉëìäíë=~îÉê~ÖÉÇK=
Web 2.0-Based Malicious URL Detection
Accuracy Test
cçê=íÜáë=íÉëíI=ÉåÖáåÉÉêë=ìëÉÇ=~=ëÉí=çÑ=VSR=roië=çå=éçéìä~ê=tÉÄ=OKM=ëáíÉë=
äáâÉ=ÄäçÖëéçíKÅçã=~åÇ=ïçêÇéêÉëëKçêÖ=Åçåí~áåáåÖ=ã~äáÅáçìë=ÅçÇÉI=çê=çÄàÉÅJ
íáçå~ÄäÉ=ã~íÉêá~äI=çÄí~áåÉÇ=Ñêçã=íÜÉ=tÉÄëÉåëÉ=qÜêÉ~ípÉÉâÉê=åÉíïçêâK=qÜÉ=
roië=ïÉêÉ=ÅÜçëÉå=Ñêçã=~=éççä=çÑ=roië=ÇÉíÉÅíÉÇ=Äó=íÜÉ=qÜêÉ~ípÉÉâÉê=åÉíJ
ïçêâ=íç=ÄÉ=Åçåí~áåáåÖ=ã~äáÅáçìë=ÅçÇÉ=çê=çÄàÉÅíáçå~ÄäÉ=ã~íÉêá~äK=qÜÉ=roië=
ïÉêÉ=ÅçääÉÅíÉÇ=Ñêçã=íÜÉ=éççä=ïáíÜáå=ëáñ=íç=OQ=Üçìêë=çÑ=íÜÉ=íÉëíáåÖ=ïáåÇçïI=íç=
ÉåëìêÉ=íÜ~í=íÜÉ=roië=íÉëíÉÇ=ïçìäÇ=ÄÉ=äáîÉ=çå=íÜÉ=fåíÉêåÉíK=
båÖáåÉÉêë=Éå~ÄäÉÇ=~ää=~î~áä~ÄäÉ=roi=Åä~ëëáÑáÅ~íáçå=Å~íÉÖçêáÉë=çå=éêçÇìÅíë=
ìåÇÉê=íÉëíI=êÉä~íÉÇ=íç=ã~äáÅáçìëLÜ~êãÑìä=å~íìêÉI=çê=çÄàÉÅíáçå~ÄäÉ=ÅçåíÉåíK=
«=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========PM
31. T
T H
H E
E
WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting
TOLLY Secure Web Gateways
GROU P
qÜÉ=ëÉí=çÑ=roië=ï~ë=íÜÉå=~ÅÅÉëëÉÇ=~Åêçëë=íÜÉ=éêçÇìÅí=ìåÇÉê=íÉëíK=fÑ=~=roi=
ï~ë=Åä~ëëáÑáÉÇ=ìåÇÉê=çåÉ=çÑ=íÜÉ=Å~íÉÖçêáÉë=Éå~ÄäÉÇ=çå=íÜÉ=éêçÇìÅíI=íÜÉ=roi=
ï~ë=ÄäçÅâÉÇK=fÑ=íÜÉ=roi=ÅçìäÇ=åçí=ÄÉ=Åä~ëëáÑáÉÇ=ìåÇÉê=~åó=Éå~ÄäÉÇ=Å~íÉJ
ÖçêóI=íÜÉ=éêçÇìÅíë=ìåÇÉê=íÉëí=ïÉêÉ=ÅçåÑáÖìêÉÇ=íç=ÖÉåÉê~íÉ=~å=~äÉêíK=båÖáJ
åÉÉêë=íÜÉå=Å~äÅìä~íÉÇ=íÜÉ=ÇÉíÉÅíáçå=~ÅÅìê~Åó=çÑ=íÜÉ=éêçÇìÅí=~ë=íÜÉ=éÉêÅÉåíJ
~ÖÉ=ëìÅÅÉëëÑìääó=Å~íÉÖçêáòÉÇ=çê=ÑáäíÉêÉÇ=çìí=çÑ=íÜÉ=ë~ãéäÉ=ëÉíK=qÉëíë=ïÉêÉ=
êÉéÉ~íÉÇ=íïáÅÉ=íç=ÉåëìêÉ=êÉéÉ~í~Äáäáíó=~åÇ=íÜÉ=êÉëìäíë=~îÉê~ÖÉÇK
Criteria Evaluation by UI Inspection
båÖáåÉÉêë=íÜÉå=éêçÅÉÉÇÉÇ=íç=Éî~äì~íÉ=íÜÉ=éêçÇìÅíë=ìåÇÉê=íÉëí=íç=ÇÉíÉêãáåÉ=
íÜÉ=ÉÑÑÉÅíáîÉåÉëë=çÑ=íÜÉ=ìëÉê=áåíÉêÑ~ÅÉ=~åÇ=ÅçãéêÉÜÉåëáîÉåÉëë=çÑ=íÜÉ=ã~åJ
~ÖÉãÉåí=áåíÉêÑ~ÅÉK=qÜÉ=Éî~äì~íáçå=ï~ë=ÇçåÉ=Äó=áåëéÉÅíáåÖ=íÜÉ=ã~å~ÖÉJ
ãÉåí=áåíÉêÑ~ÅÉ=çÑ=É~ÅÜ=éêçÇìÅí=ìåÇÉê=íÉëíI=~åÇ=~äëç=Äó=éÉêìëáåÖ=íÜÉ=éìÄäáÅäó=
~î~áä~ÄäÉ=ÇçÅìãÉåí~íáçå=Ñêçã=íÜÉ=îÉåÇçê=çÑ=íÜÉ=éêçÇìÅíK=cçê=É~ÅÜ=Å~íÉÖçêóI=
qÜÉ=qçääó=dêçìé=ÉåÖáåÉÉêë=íÜÉå=~ëëáÖåÉÇ=~=ëìÄàÉÅíáîÉ=ëÅçêÉ=çå=~=ëÅ~äÉ=çÑ=N=
EäÉ~ëí=ÉÑÑÉÅíáîÉF=íç=Q=Eãçëí=ÉÑÑÉÅíáîÉKF=aÉí~áäÉÇ=êÉëìäíë=ìåÇÉê=É~ÅÜ=Å~íÉÖçêó=
~êÉ=éêÉëÉåíÉÇ=áå=íÜÉ=ÑçääçïáåÖ=ëÉÅíáçåëK
rë~Äáäáíó=ÅêáíÉêá~=ïÉêÉ=íÉëíÉÇ=Äó=ä~ìåÅÜáåÖ=íÜÉ=ã~å~ÖÉãÉåí=áåíÉêÑ~ÅÉ=~åÇ=
çÄëÉêîáåÖ=íÜÉ=Å~é~ÄáäáíáÉë=çÑ=É~ÅÜ=ëóëíÉãK=qÜÉ=ëìÄàÉÅíáîÉ=ìë~ÄáäáíóI=ä~óçìí=
~åÇ=çîÉê~ää=ÉÑÑÉÅíáîÉåÉëë=çÑ=É~ÅÜ=ÑÉ~íìêÉ=Ü~ë=ÄÉÉå=~ëëáÖåÉÇ=~=î~äìÉ=ê~åÖJ
áåÖ=Ñêçã=NI=äÉ~ëí=ÉÑÑÉÅíáîÉ=íç=QI=ãçëí=ÉÑÑÉÅíáîÉ=íç=áåÇáÅ~íÉ=íÜÉ=qçääó=ÉåÖáåÉÉêë=
áãéêÉëëáçå=çÑ=É~ÅÜ=çÑ=íÜÉ=ìåáíë=íÉëíÉÇK=
«=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========PN
32. T
T H
H E
E
WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting
TOLLY Secure Web Gateways
GROU P
Interaction with Competing Vendors
Fair Testing Charter ™
~åÇ=fåíÉê~Åíáçå=ïáíÜ=`çãéÉíáíçêë
In accordance with The Tolly Group’s process, competitors were
contacted and invited to participate in the test - to review the
test plans, the product levels and configurations of their prod-
ucts and to review and comment on their results.
For more information on this process, please see:
http://www.Tolly.com/FTC.aspx.
Cisco Systems Inc., and Blue Coat Systems did not respond to
the invitation. Trend Micro, Inc. and Secure Computing Corporation agreed to par-
ticipate in the test, and were provided with a test plan. At the completion of testing,
The Tolly Group provided Trend Micro and Secure Computing with the results of
their products, and requested to provide comments. Secure Computing did not
provide official comments on their results.
Trend Micro representatives provided the following comments:
Trend Micro's most current secure web gateway product, InterScan Web Security
Virtual Appliance v3.1 (IWSVA), was not used in this test. The IWSVA product has
improved functionality over the tested product (IWSS) in the following areas:
1. Implementation Model: IWSVA supports bi-direction transparent bridging so
that no client or network re-configuration is needed.
2. Malware Detection: additional capabilities have been added to the IWSVA
product to ensure the highest possible content-based malware detection rates,
further enhancing the URL reputation-based malware detection already in the
product.
3. Performance and Throughput: IWSVA running on a standard off-the-shelf 8-
core server can support up to 10,000 users with full scanning and no notice-
able latency.
«=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========PO
33. T
T H
H E
E
WHITE PAPER: The Web Security Challenge: a Competitive Guide to Selecting
TOLLY Secure Web Gateways
GROU P
Appendix: Product List
Source: The Tolly Group, November 2008 Figure 14
«=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========PP
34. Terms of Usage
USE THIS DOCUMENT ONLY IF YOU AGREE TO THE TERMS LISTED HEREIN.
= This document is provided, free-of-charge, to help you understand whether a given product, technology or service merits addi-
tional investigation for your particular needs. Any decision to purchase must be based on your own assessment of suitability.
This evaluation was focused on illustrating specific features and/or performance of the product(s) and was conducted under con-
trolled, laboratory conditions and certain tests may have been tailored to reflect performance under ideal conditions; performance
may vary under real-world conditions. Users should run tests based on their own real-world scenarios to validate performance for
their own networks. Commercially reasonable efforts were made to ensure the accuracy of the data contained herein but errors
and/or oversights can occur. In no event shall The Tolly Group be liable for damages of any kind including direct, indirect, special,
incidental and consequential damages which may result from the use of information contained in this document
The test/audit documented herein may also rely on various test tools the accuracy of which is beyond our control. Furthermore,
the document relies on certain representations by the sponsor that are beyond our control to verify. Among these is that the
software/hardware tested is production or production track and is, or will be, available in equivalent or better form to commercial
customers.
When foreign translations exist, the English document is considered authoritative. To assure accuracy, only use documents
downloaded directly from The Tolly Group’s Web site.
All trademarks are the property of their respective owners.
qÜÉ=qçääó=dêçìé=áë=~=äÉ~ÇáåÖ=ÖäçÄ~ä=éêçîáÇÉê=çÑ=íÜáêÇJ
é~êíó=î~äáÇ~íáçå=ëÉêîáÅÉë=Ñçê=îÉåÇçêë=çÑ=fq=éêçÇìÅíëI=
ÅçãéçåÉåíë=~åÇ=ëÉêîáÅÉëK
qÜÉ=Åçãé~åó=áë=Ä~ëÉÇ=áå=_çÅ~=o~íçåI=ci=~åÇ=Å~å=ÄÉ=
êÉ~ÅÜÉÇ=Äó=éÜçåÉ=~í==ERSNF=PVNJRSNMI=çê=îá~=íÜÉ=fåíÉêJ
åÉí=~í
ÜííéWLLïïïKíçääóKÅçãI=ë~äÉë]íçääóKÅçã=
båíáêÉ=`çåíÉåíë=`çéóêáÖÜí=OMMU=Äó=
qÜÉ=qçääó=dêçìéI=fåÅK
^ii=ofdeqp=obpbosba
OMUPOSJñÑÅÑëNJââJMOaÉÅMU
«=OMMU=qÜÉ=qçääó=dêçìéI=fåÅK= = ===========PQ