Effective Perimeter Content Security
What is eSafe?
eSafe is:
- Best of breed web Surfing Security Gateway with anti-spyware & unauthorized applications filtering
- Best of breed Proactive Security with spam management
- Transparent inspection of: HTTP, FTP, SMTP, POP3
eSafe provides zero-day protection for top security problems
eSafe is backed by 24x7 Security Services

OR: eSafe Integrated SCM Solution
- Network security should be separated at the gateway
- eSafe takes care of all Content Security
We Should Not Make This Choice! SECURITY PERFORMANCE
High End Solutions (blade-based)
Anti-spyware HTTP/FTP Security URL Filtering IM, P2P, Spyware, apps. anti-virus Spam management Firewall VPN IDS/IPS Secure Content Management Network Security Management & Reporting
- Up to 40Mbps* each
- 1,200-2,000 HTTP connections/sec (avg.)
- Up to 1Gbps* on a single chassis with full load balancing!
*Net HTTP traffic with full content inspection

eSafe Solution for ISPs & Telcos
[Diagram: Blade Center (up to 14 blades in a cluster), ISP cloud, Internet]
- Security Services Consolidation for the ISPs
- Tiered Services: Web Anti-Spyware, Web URL Filtering, Anti-virus, Anti-spam

eSafe’s 4 Layer Spyware Blocking
- Layer 1: Web surfing ‘driveby’ blocking
- Layer 2: Download (URL, ActiveX)
- Layer 3: Signature (simple + smart)
- Layer 4: Communications blocking
- NEW: Spyware Neutralizing

Enhanced Web Security
- 4-Layer Anti-spyware
- XploitStopper™ & SmartScript™
- Fast - 40Mbps NitroInspection
- HTTP/FTP protocol security
Using Malicious Scripts
URL Filtering: Security – Productivity - Safety
Objectionable Categories: Phishing; Malware; Spam; Virus/Hacker/Spyware; Pornography; Gambling; Racism; Drugs; Violence, Anarchy, Weapons; Illegal activity
Non-Productive Categories: Dating; Swimwear; Gaming; Travel; Amusement; Job Search; Television

URL Filtering – Security and Productivity
- 60 million URLs
- 60 categories
- 150,000 sites updated daily
- 97% sites known

What Is A Profile?
- A Web surfing policy
  - List of site categories and specific exclusions
- Applied to an entity
  - User, group, IP, IP range, VLAN, host
- According to priority and time frame

URL Filtering Profiles in eSafe 5 FR2
- LDAP and Active Directory integration
- User/Group-based profiles
- Flexible user identification
- User-based web-access reporting
- X-Ray mode for web usage monitoring

Unauthorized Applications Traffic
- P2P applications
- Spyware
- Instant Messengers
- TCP Worms
- Remote Control
- Tunneling
- …and more

Application Filtering
Many more rules and rule families
- P2P: KaZaa, eDonkey, Bit Torrent, more
- Instant Messengers: MSN Messenger, ICQ, Yahoo, AOL
- Spyware: communication
- Remote Control: GoToMyPC, PC-Anywhere, more
- Protocol enforcement: tunneling prevention, browser enforcement, protocol exploits
- More…

Enhanced Security
- Proactive anti-virus
- Signature anti-virus
- Phishing prevention
- standardization
- Turn-off hyperlinks
- Remove web beacons
- Many more…
Threats Shift in 2006
[Chart: Phishing; Phishing sites; Malicious code in Phishing Sites]
2006 Forecast: Increase in Three-stage targeted Phishing attacks:
1. Targeted Phishing
2. Redirect to Phishing site
3. Malicious code attack on the site
Source: antiphishing.org

eSafe Phishing Prevention
- Most massive phishing is blocked as spam
- UNIQUE to eSafe: Phishing elements are stripped from all suspicious blocking targeted attacks on organizations
- Added value: Prevent tracking
Actual link:

Moving From Anti-spam to Spam Management
- No lost
- No angered end-users
- No administrator hassle
- No need for “special spam mailbox”
- Learning system – not prone to user error

Advanced Spam Management
- 20 Spam-detection Technologies
- Spam tagging, blocking, guaranteeing
- Remote quarantine
- User-managed quarantine
- 12 new features in eSafe 5
eSafe Proactive Detection
Top Outbreaks
Threat | Proactive | Notes
Netsky-P | Yes | Suspicious worm/Trojan
Zafi-B | Yes | Suspicious worm/Trojan
Sasser | No | TCP/IP worm
Netsky-B | Yes | Double extension exploit
Netsky-D | Yes | Restricted extension (PIF)
Netsky-Z | Yes | Double extension exploit
MyDoom-A | Yes | Suspicious worm/Trojan
Sober-I | Yes | Suspicious worm/Trojan
Netsky-C | Partial | Most variants blocked
Bagle-AA | Yes | Suspicious worm/Trojan
69% proactive outbreak blocking!

eSafe Proactive Detection
Top Outbreaks
Threat | Proactive | Notes
Win32.Mydoom.bb | Yes | Very large circulation
Win32.Bagle.be | Yes | Very high threat (CERT)
Win32.Serflog.a | Yes | Suspicious worm/Trojan
Win32.Sober.s | Yes | Suspicious worm/Trojan
Win32.Mytob.ar | Yes | Suspicious worm/Trojan
Win32.Mytob.bi | Yes | Suspicious worm/Trojan
Win32.Zotob.d | Yes | Suspicious worm/Trojan
Win32.Zotob.e | Yes | Suspicious worm/Trojan
Win32.Sober.ac | Yes | Suspicious worm/Trojan
Win32.Sober.y | Yes | Huge circulation
96% proactive outbreak blocking!
Unique Proactive Technologies
- Signature AV Engine Certified to block 100% ITW viruses
- NEW: EV13x SmartSig™ quicker response to threats and more efficient signatures
- Zero-hour blocking of most Trojans and worms
- Improved XploitStopper™
- Global OutbreakSentry™
Management and Reporting
Focus on: Outbound Content
- HTTP/FTP inspection & logging
- SOX compliance
- Suspicious Trojans/Keyloggers outbound traffic detection
- Content anomalies
“Aladdin Knowledge Systems' eSafe 5 can do so much that the hardest part may be just explaining it all. This is a comprehensive content security package to protect your organization's Internet operations.”
“The list of eSafe's capabilities could go on for pages, and the product definitely lived up to expectations.”
– Hotpick: eSafe Gateway 5
– INFORMATION SECURITY MAGAZINE, Sep ‘05

eSafe – technology leadership
- 1997: eSafe Protect – 1st sandbox anti-vandal solution
- eSafe Gateway – 1st anti-virus gateway
- NitroInspection™ - 1st non-proxy HTTP gateway
- AppliFilter™ - 1st application filtering
- 2005: Spyware Neutralizer – 1st clientless scanner
- 2002: XploitStopper™ - 1st gateway exploits blocker
Sample eSafe Customers
Thank You!