Presentation is loading. Please wait.

Presentation is loading. Please wait.

eSafe – Secure Web Gateway Shimon Gruper, CISSP – VP Security Technologies.

Published byTrevor Osborne Modified over 8 years ago

Similar presentations

Presentation on theme: "eSafe – Secure Web Gateway Shimon Gruper, CISSP – VP Security Technologies."— Presentation transcript:

1

2 eSafe – Secure Web Gateway Shimon Gruper, CISSP – VP Security Technologies

3 a l a d d i n. c o m Safe Harbor Statement Except for statements of historical fact, the information presented herein constitutes forward-looking statements within the meaning of and subject to the safe harbor created by the Private Securities Litigation Reform Act of 1995. In some cases, you can identify forward-looking statements by terminology such as "expect," "estimate," "anticipate," "intend," "predict," "believe," and similar expressions and variations thereof. Such forward-looking statements include statements regarding the intent, belief, current expectations or projections about future events of Aladdin Knowledge Systems Ltd. Readers are cautioned that these forward looking statements are not guarantees of future performance and involve known and unknown risks, uncertainties and other factors which may cause the actual results, performance or achievements of Aladdin Knowledge Systems Ltd. to be materially different from any future results, performance or achievements expressed or implied by such forward-looking statements. Such factors include without limitation, general economic and business conditions, the loss of market share, changes in the competitive landscape, failure to keep up with technological advances and other factors over which Aladdin Knowledge Systems Ltd. has little or no control. Aladdin Knowledge Systems Ltd. undertakes no obligation to revise or update these forward-looking statements to reflect events or circumstances after the date hereof.

4 a l a d d i n. c o m Agenda About AladdinAbout Aladdin Content Security ChallengesContent Security Challenges Introduction to eSafeIntroduction to eSafe Delivery optionsDelivery options Implementation optionsImplementation options Support & UpdatesSupport & Updates

5 a l a d d i n. c o m Aladdin Knowledge Systems (NASDAQ: ALDN) is a global provider of software protection and network security solutions since 1985. With a distribution network of more than 50 partners in over five continents, Aladdin provides unmatched service and support to its customers.

6 a l a d d i n. c o m Headquarters: Tel Aviv, Israel Global Presence: Strong Financial Momentum: Founded: 1985, publicly traded since 1993 Employees Worldwide: 465 Q4/07 revenues: $29.1M Q4/07 profits: $4.8M (Non-GAAP) 2007 revenues: $105.9M 2007 profits: $17.6M (Non-GAAP) Consistent growth in revenues and profits World Renowned Products: Global leader in Software DRM (Digital Rights Management), fast growth, innovative Enterprise Security products USA, UK, Germany, France, The Netherlands, India, Spain, Italy, Japan and China Aladdin Snapshot

7 a l a d d i n. c o m Aladdin: Securing the Global Village Our Mission To create value by enabling the secure use and distribution of digital content Our Vision To be the leading provider of innovative security solutions to protect digital assets and enable secure business

8 a l a d d i n. c o m Aladdin Product Lines Software Rights Management – copy protection, IP protection and secure licensing solution for software vendors Software Publishers and System Vendors Solutions for authentication and password/digital identity management Enterprise Education Banking Pharmacy Government TARGET MARKET Web gateway content security and proactive email security Enterprise and ISP’s DRM ENTERPRISE SECURITY

9 a l a d d i n. c o m Aladdin – Strong in Europe North America: 18% Europe: 61% ROW: 21% Business Segments: Geographical Segments: 41% 59%

10 a l a d d i n. c o m Web Content Security Challenges

11 a l a d d i n. c o m The shift in Content Security Threats From amateur virus writers to organized money making professionals ! Virus TrojanWorm Internet Trojan PhishingSpywareSpam 19872005 2000 20032004 2008 Mobile Threats 2007 Web Threats

12 a l a d d i n. c o m 2007 Was A Very Bad Year Over 1,000,000 unique malware in 2007 Some estimate there are over 5.5 million In-The-Wild malware (AV-Test.org) Thousands of new malware a day 1,000,000

13 a l a d d i n. c o m Source: AV-TEST Lab, Germany

14 a l a d d i n. c o m It’s all about money…

15 a l a d d i n. c o m

16 “ Last year was the first year that proceeds from cybercrime were greater than proceeds from the sale of illegal drugs… law enforcement cannot catch up with it." Valerie McNiven, US Treasury Cybercrime 'more lucrative' than drugs

17 a l a d d i n. c o m BotNets

18 BotNet Controllers

19 a l a d d i n. c o m “Of the 600 million computers currently on the internet, between 100 and 150 million are already part of botnets” Davos, January 2007 Dr. Vinton Cerf

20 a l a d d i n. c o m Why do threats increase?

21 a l a d d i n. c o m Security is not transparent! I should probably click ‘Yes’…

22 a l a d d i n. c o m Today’s Internet Threats

23 a l a d d i n. c o m The Web 2.0 Dilemma MySpace Face- book Google Apps Gray BadGood

24 a l a d d i n. c o m Malware 2.0 Inspection HTML AJAX Scripts Good Gray

25 a l a d d i n. c o m Anti-virus ? We’re trying our best to stay on top, but unfortunately I must confess that the detection level is slowly going down. We develop new technology to stop them and they develop new technology to bypass. We still have the highest detection rate, but we cannot stop some malicious code. This makes us scared if we will be able to stop them in the future. There was a time when we thought that antivirus technology was enough, but that time has gone. It’s not enough, obviously. Natalya & Eugene Kaspersky

26 a l a d d i n. c o m URL Filter? No time for updates! Months Days Weeks 20052006 2007 Avg. exploit in 2006 5.8 days. Vulnerabilities Exploited Faster 2005 200620072003 2004 Hours Seconds Minutes 2006 - 90% of the hosts within 10-minutes. Threats Propagating Faster

27 a l a d d i n. c o m Essential Solution Ingredients Desktop Antivirus URL Filter Email Antivirus

28 a l a d d i n. c o m Essential Solution Ingredients Web security Desktop Antivirus URL Filter Email Antivirus Less than 20% of organizations have Web Security in place !

29 a l a d d i n. c o m “The market is demanding a secure-Web gateway (SWG) solution that provides not only traditional URL-filtering but also malicious software (malware) filtering, as well as application control for Web applications such as instant messaging (IM).” Peter Firstbrook Introducing the Secure Web Gateway

30 a l a d d i n. c o m Recommendations IT organizations should recognize the increasing threat that Web traffic represents and the limitations of existing solutions at addressing this rising threat. Use URL filtering renewals and budget money to upgrade to a secure Web gateway solution that is capable of detecting and filtering malicious Web traffic. The Growing Web Threat

31 a l a d d i n. c o m The Ultimate Network Security Solution

32 a l a d d i n. c o m Introduction to eSafe

33 a l a d d i n. c o m Firewall VPN IDS/IPS Network Security Spyware, Malware Inappropriate content Confidential data loss Unauthorized applications (IM, P2P, tunneling, etc.) Web Surfing Network policies Business policies Content Security Enterprise Network Internet eSafe Web

34 a l a d d i n. c o m Security Golden Triangle The balance is crucial for a proper web security gateway

35 a l a d d i n. c o m What is the ultimate Web Security? eSafe 4 Security Layers

36 a l a d d i n. c o m Content Access Good Sites – Bad Sites Good ActiveX – Bad ActiveX – Preinstalled only Dynamic Web Threats File Analysis 1 2 3 4 The Only 4 Layer Web Content Security Application Filtering

37 a l a d d i n. c o m URL Filtering & IP Reputation CRAWLING Data Center Security 500+ Crawlers worldwide 3.8 Billion Indexed Webpages / Images 120 Million Pages per Month 800 Spam Collectors Smart Search Engine ANALYZING Content Analyzing Technology OCR Full Text Classification Object Detection Logo Detection Face Recognition Porn Detection Digital Fingerprints PROCESSING Data Center Hardware > 1,000 Servers 45 Mbit / Sec Internet Access 20 Terabyte Cache 12 Worldwide Remote Servers Processing Four Million Webpages / Emails per Day 60 million URLs 8 Updates per Day 98% Sites Known 60 Categories 150,000 URL Updated per Day

38 a l a d d i n. c o m Content Access Dynamic Web Threats 1 2 3 4 The Only 4 Layer Web Content Security Zero-day exploits Malicious scripts Pop-installers - In “Grey” sites - In Hacked sites Application Filtering File Analysis

39 a l a d d i n. c o m Real-time Deep Web 2.0 Content Analysis Real-time packet by packet analysis of all web content Inspects all HTML pages and all code in them (scripts, AJAX, etc.) for “Web. 2.0” threats. Detects the following in all HTML and script code: –Known vulnerabilities (exploit attempts) –Known malicious code and variations –Suspicious code. Inspects HTTP on any port and HTTPS on SSL port 443

40 a l a d d i n. c o m Transparent Real-time Content Modification eSafe removes only suspicious elements form web pages containing suspicious code The rest of the content remains intact Avoid over-blocking of legitimate hacked sites, “grey” unknown sites, etc. Web page content inspection, including HTML, and media files, is done in real-time Performance of over 50Mbps / 3000 connections per machine (scalable to ISP level)

41 a l a d d i n. c o m Download Dynamic Web Threats Signatures Communications blocking 1 2 3 4 The Only 4 Layer Web Content Security Simple Known family (heuristic) Polymorphic, stealth Suspicious Spyware / Trojan / Worm

42 a l a d d i n. c o m Proactive eSafe AV engine

43 a l a d d i n. c o m eSafe CSRT - More Security 42

44 a l a d d i n. c o m Aladdin Blocks Sophisticated Web Attack

45 a l a d d i n. c o m Content Access Dynamic Web Threats File Analysis Application Filtering 1 2 3 4 The Only 4 Layer Web Content Security Worms Browser Hijack Spyware / Adware Spyware protocols Outbound Trojan Selective IM (chat / file) Tunneling Remote PC P2P

46 a l a d d i n. c o m Unauthorized Applications Traffic P2P applications Spyware Instant Messengers TCP Worms Remote Control Tunneling …and more

47 a l a d d i n. c o m Application Filtering and Control eSafe’s AppliFilter™ helps protect and control: Over 500 Internet application protocols 20 application families 4 application family categories: –Malicious applications: Spyware, Trojans, Worms, Key-loggers –Unwanted applications: Adware and add-supported software, anonymizing tools –Exploits and vulnerabilities: TCP Exploits, drive-by attacks, browser hijackers –Controlled applications: Instant Messengers, IP Phone, P2P, streaming, tunnelling

48 a l a d d i n. c o m Anonymous Surfing

49 a l a d d i n. c o m Anonymous Proxies Protection Content Security products offer “list-based” approach against Anonymous proxies AppliFilter’s unique “Anonymous Web Proxy” filter catches requests for anonymous proxies on the fly, providing organizations zero-day protection against circumvention and anonymity techniques.

50 a l a d d i n. c o m Delivery Options

51 a l a d d i n. c o m Delivery Options Reduced complexity: Instant installation on any PC Hardened, secure & updatable OS Built-in web-based configuration GUI HG-200 HG-400 HG-300

52 a l a d d i n. c o m Flexible Integration options Active Directory integration –Microsoft AD –Novel ISA Server integration ArcSight integration Installation modes: –Bridge –Router –ICAP –Forwarding Proxy –Native Proxy –Load-balancing / High-Availability Cluster

53 a l a d d i n. c o m eSafe Web SSL –Enforces policy also on SSL encrypted anonymizer sites –Proactively identify and block unknown anonymizers –Blocks self-signed SSL sites (home-brew anonymizers) –Validates certificate policies, issuers, revocations, etc.

54 a l a d d i n. c o m eSafe Reporter Includes 34 canned reports Specifically geared for Enterprise Customers Works with MS-SQL Generate scheduled reports and email them to predefined group of people

55 a l a d d i n. c o m Implementation Options

56 a l a d d i n. c o m eSafe Branch office Regional Office HQ Central Monitoring Central Configuration Central Reporting Central Logging Local Configuration Real Enterprise Solutions

57 a l a d d i n. c o m Real time monitoring

58 a l a d d i n. c o m Real-time monitoring

59 a l a d d i n. c o m Support & Customer Care

60 a l a d d i n. c o m Support services – Deluxe Support Security services –24x7 threats research (CSRT – Content Security Research Team) –Timely updates –Proactive security rules (XploitStopper™) –Email / SMS notifications –Emergency telephone support Technical Support Services –24x7 web / telephone support –Immediate escalation to R&D –Continuous case status update –Personal case supervision by Customer Care Director –On site visits (fee charged after 90 days warranty)

61 a l a d d i n. c o m Case Studies

62 a l a d d i n. c o m Large Enterprise Case Study: Large Enterprise Case Study: US Defense Contractor Distributed operation 70,000+ users Challenge: no affect on user browsing experience & minimal admin overhead Evaluated proxy solution but selected eSafe for speed and security Result: –High security –Increased productivity –No performance impact

63 a l a d d i n. c o m Case Study: Case Study: US School District 10,000 students, teachers and administrators in 30 separate schools Struggling with spyware control IT resources stretched thin by ongoing remediation Result: –Virtually eliminated spyware infections –Time spent on desktops remediation dropped by 95%

64 a l a d d i n. c o m Case Study – Managed Services “We monitor all traffic patterns throughout our network, we proactively defend you from all malicious or accidental attack, delivering 'clean pipes' to all our customers' corporate networks.” LSE: CW Leading international communications company Trading with eSafe (as Energies) since 2003 Joint Services: Managed Content Security Services (MSSP model), and Clean Pipe services Customers Include: Large enterprises, Carriers, Public Sector and local Service providers

65 a l a d d i n. c o m Case Study - ISP NASDAQ: IGLD Leading Israeli communications service provider Services: Internet, International telephony and IT Integration Services In January 2007, completed the acquisition of 012 Golden Lines Ltd. Jointly owns MSN-Israel with Microsoft No. of subscribers estimated by 1M Service name: Safety Net Target: Home, Small business Launch: February, 2006 Successful Marketing Campaign leads to a high acceptance rate: over 50% Over 1,500 subscribers per week Withdrawals: Marginal (less than 0.5%)

66 a l a d d i n. c o m

67 Web Threat Analyzer Reveals security and productivity threats Offers a realistic view of current, and real web threat status Provides a full and comprehensive Web-threat Audit report!

68 a l a d d i n. c o m Summary

69 The only proven proactive threat protection –Consistently blocks over 96% of previously unknown threats –Eliminates over 99% of common and driveby spyware –Prevents zero-day vulnerabilities and exploits Transparent deep web-content inspection –Wire-speed inspection of web pages including all HTML –Zero-latency with no impact on user experience –Complements firewalls, IPS, and desktop antivirus Starting at 5 million processed web pages per hour –Scalable for hundreds to millions of users –ISP-grade content security performance –Trusted by fortune 500 corporations eSafe Advantages

70 a l a d d i n. c o m Technology leader - Innovation is our key focus eSafe MCSG – Mobile security gateway 1997 eSafe Protect – Sandbox anti-vandal solution eSafe Gateway – Anti-virus gateway 1998 2000 2003 NitroInspection™ – Non-proxy HTTP gateway AppliFilter™ – Application filtering 2005 Spyware Neutralizer – Clientless scanner 2002 XploitStopper™ – Gateway exploits blocker 2006 1 st 2007 100% Protection of Anonymizer Services 1 st

71 a l a d d i n. c o m Gartner Secure Web Gateway - Magic Quadrant Aladdin is an early visionary entrant into the SWG market. Aladdin gets very high marks for malware detection across all ports and protocols. The company was an early antivirus vendor and continues to utilize its own malware signatures in addition to several real-time malware detection techniques. The product has an extensive list (more than 1,000) of pre-developed application filter policies. The eSafe SWG is an in-line filter and supports an extensive list of deployment options that provide for scalability for more than 20,000 seats.

72 a l a d d i n. c o m Frost & Sullivan – WW Anti-virus Report “Aladdin Knowledge Systems content security business unit’s growth has been outperforming the average market growth rate… Aladdin’s recent product innovations in the integrated security area have proved the company’s ability to react fast to changing market demands.”

73 a l a d d i n. c o m More than 4,000 eSafe customers worldwide

74 a l a d d i n. c o m … more customers

75 a l a d d i n. c o m SOME EUROPEAN CUSTOMERS

76 a l a d d i n. c o m Thank you ! For more info: www.Aladdin.com

77 a l a d d i n. c o m NitroInspection™ technology HTTPContentrecognitionfilter HTTPContentmixer 15% HTML inspection 5% Binaries inspection 10% Trusted content HTTP content European Patent EP1318646 70% JPG inspection

78 a l a d d i n. c o m Improved user experience No time-outs No slowdowns Completely transparent Fast and efficient eSafe NIC TCP/IP stack eSafe PCA Content Inspector Content Inspector 80% of packets are released After inspection, the remaining 20% is released When the entire file is received, it is inspected NitroInspection™ technology

Download ppt "eSafe – Secure Web Gateway Shimon Gruper, CISSP – VP Security Technologies."

Similar presentations

A l a d d i n. c o m eSafe 6 FR2 Product Overview.

A l a d d i n. c o m eSafe 6 FR2 Product Overview.
1 Effective, secure and reliable hosted email security and continuity solution.

1 Effective, secure and reliable hosted security and continuity solution.
Click to edit Master title style Click to edit Master text styles –Second level Third level –Fourth level »Fifth level June 10 th, 2009Event details (title,

Click to edit Master title style Click to edit Master text styles –Second level Third level –Fourth level »Fifth level June 10 th, 2009Event details (title,
New Solutions to New Threats. The Threats, They Are A Changing Page 2 | © 2008 Palo Alto Networks. Proprietary and Confidential.

New Solutions to New Threats. The Threats, They Are A Changing Page 2 | © 2008 Palo Alto Networks. Proprietary and Confidential.
Eyal Sheratzki, co-CEO August 2009 Investor Presentation.

Eyal Sheratzki, co-CEO August 2009 Investor Presentation.
ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.

ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.
Next Generation Endpoint Security Jason Brown Enterprise Solution Architect McAfee May 23, 2013.

Next Generation Endpoint Security Jason Brown Enterprise Solution Architect McAfee May 23, 2013.
Bucharest, July 31, 2012 | Bitdefender 2012 Cloud Security for Endpoints Customer Presentation.

Bucharest, July 31, 2012 | Bitdefender 2012 Cloud Security for Endpoints Customer Presentation.
AVG- Protecting those who are vulnerable.  Free Anti-Virus Software ◦ J.R. Smith President of AVG oversees a lineup of antivirus products used by 110.

AVG- Protecting those who are vulnerable.  Free Anti-Virus Software ◦ J.R. Smith President of AVG oversees a lineup of antivirus products used by 110.
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
Introduction to ISA 2004 Dana Epp Microsoft Security MVP.

Introduction to ISA 2004 Dana Epp Microsoft Security MVP.
Barracuda Web Application Firewall

Barracuda Web Application Firewall
Blue Coat Systems Securing and accelerating the Remote office Matt Bennett.

Blue Coat Systems Securing and accelerating the Remote office Matt Bennett.
Lisa Farmer, Cedo Vicente, Eric Ahlm

Lisa Farmer, Cedo Vicente, Eric Ahlm
Unified Logs and Reporting for Hybrid Centralized Management

Unified Logs and Reporting for Hybrid Centralized Management
Copyright 2011 Trend Micro Inc. Trend Micro Web Security- Overview.

Copyright 2011 Trend Micro Inc. Trend Micro Web Security- Overview.
LittleOrange Internet Security an Endpoint Security Appliance.

LittleOrange Internet Security an Endpoint Security Appliance.
Barracuda Web Filter Overview March 26, 2008 Alan Pearson, Monroe County School District Marcus Burge, Network Engineer.

Barracuda Web Filter Overview March 26, 2008 Alan Pearson, Monroe County School District Marcus Burge, Network Engineer.
Department Of Computer Engineering

Department Of Computer Engineering
Customized solutions. Keep It Secure Contents  Protection objectives  Endpoint and server software  Protection.

Customized solutions. Keep It Secure Contents  Protection objectives  Endpoint and server software  Protection.

Similar presentations

Ads by Google