1. McAfee Web Protection
Protect Your Enterprise Against Web Threats

2. Malware Is Changing… 2011 2012 2013 Rise in Adobe- based attacks
PDF, Flash
Zero-day Java and JavaScript- based attacks
Sophisticated evasion techniques
Unique, one time-only URL or file
Obfuscation
Dynamic code generation
Browser-specific attacks
Ex: known Firefox exploits
Anticipate rise in HTML5 attacks
Not only is the volume of malware accelerating, but we’re see the character of malware becoming more sinister, as well.
Malware authors are becoming much more professional in their design and development, and there are even professional software development kits posted for sale on the Internet to make it easier to get started.
We’re seeing much more content delivered using a one-time unique URL or attachment (such as a PDF file), which helps to evade signature-based detection tools, since the signature is only used once by the malware.
More malware are using obfuscation and code generation techniques to hide encrypted code inside the malware as variables, which are then decrypted and used to dynamically generate run-time code. This means we now have to look deeper not only into the code itself, but any variables that may be hiding inside the payload.
As more and more sites begin using media like Adobe PDF and Flash to deliver content, we’re seeing a corresponding rise in infected files using these formats.
And, as users expect sites to be increasingly interactive, we’re also seeing a significant rise in Java and JavaScript-based exploits; along with browser-specific attacks looking for known vulnerabilities. For example, we’ve seen malware that tries to determine which browser and version the user is using and then executes different styles of attacks, depending on what it learns at runtime.
Lastly, we anticipate that as HTML 5 becomes more popular, we’ll see more attacks attempting to exploit vulnerabilities in that new web platform.

3. The Cloud Brings New Challenges
SECURITY
Increasingly sophisticated malware
Increased SSL-encrypted web traffic
Advanced, persistent threats
APPLICATION
VISIBILITY
More people & devices connecting to more applications outside traditional network, often without IT knowledge
FLEXIBILITY
Need to accommodate changing business conditions
Protection needs to travel with the user and device rather than stay in the office
With all this in mind, today I am going to focus on 3 areas causing problems for a lot of organization’s today as they move more and more applications to the cloud: Security, Application Management and Flexibility.
Security: The more your employees use the cloud, the more you’re risking exposure to malware. You need to know that your web protection is keeping up to meet evolving threats.
ApplicationS: With more people & devices connecting to more applications outside traditional network, are users getting where they need to go?
And what about visibility - Do you even know which web applications your employee’s are using?
Are your users acquiring cloud applications without your knowledge or approval?
How can you enforce security or acceptable usage policy over applications you don’t even know about?
Do you know what data is flowing out of your company?
And then there’s flexibility: in today’s mobile world, protection needs to travel with the user and device rather than stay in the office.

4. The Cloud Brings New Challenges
SECURITY
Increasingly sophisticated malware
Increased SSL-encrypted web traffic
Advanced, persistent threats
APPLICATION MANAGEMENT
More people & devices connecting to more applications outside traditional network
FLEXIBILITY
Need to accommodate changing business conditions
Protection needs to travel with the user and device rather than stay in the office
With all this in mind, today I am going to focus on 3 areas causing problems for a lot of organization’s today as they move more and more applications to the cloud: Security, Application Management and Flexibility.
Security: The more your employees use the cloud, the more you’re risking exposure to malware. You need to know that your web protection is keeping up to meet evolving threats.
Application management: With more people & devices connecting to more applications outside traditional network, are users getting where they need to go?
And what about visibility - Do you even know which web applications your employee’s are using?
Do they have uncontrolled access? Do you know what data is flowing out of your company?
And then there’s flexibility: in today’s mobile world, protection needs to travel with the user and device rather than stay in the office.

5. Security
How bad is the problem? How can I block web-borne threats? What about outbound threats? What other add-on tools should I consider?
First, let’s tackle security… the topic that’s top of mind for many IT executives in today’s world of highly publicized, embarrassing and costly breaches.

6. Global Threat Intelligence
GTI
GTI
Network Activity
Geo-location
Threat
Reputation
Ports / Protocol
Application
Web Reputation .
File Reputation
Sender Reputation
URL
Mail Activity
Domain
Affiliations
The first thing you need to know is how to identify known threats that have already been detected at other sites around the globe.
McAfee Global Threat Intelligence is a live service that McAfee uses to power our Web Protection’s filtering technologies. McAfee GTI creates a profile of all Internet entities—websites, , and IP addresses—based on hundreds of different attributes gathered from the massive, global data collection capabilities of McAfee Labs.
It then assigns a reputation score based on the security risk posed, enabling administrators to apply very granular rules about what to permit or deny.
With this service, McAfee distributes information about malicious activity virtually in real time, allowing you to block access to malicious sites without wasting time or taking further action.
And, when you compare us with the competition, ask them how many dedicated, full-time research scientists and engineers they have working on their threat intelligence service. McAfee Labs has more than 500 full-time research staff, which is often more than our competitors have employees!
IP Address
Web Activity
Address
DNS Server
Data Activity
Network IPS
Firewall
Web Gateway
Host AV
Mail Gateway
Host IPS
3rd Party Feed
300M IPS attacks/mo.
2B Botnet C&C IP Reputation Queries/mo.
20B Message Reputation Queries/mo.
2.5B Malware Reputation Queries/mo.
300M IPS Attacks/mo.
Geo location feeds 6
Security Connected

7. McAfee Gateway Anti-Malware Engine Scanning
Unique to McAfee Web Protection
Emulation provides real-time protection
Most effective zero- day protection
DISSECT
ANALYZE
McAfee’s provides proven anti-virus software that can block known threats that have a recognized signature. However, this ability, while essential, is not sufficient. As I noted previously, malware authors are becoming more proficient at creating attacks that evade signature detection, since the signature is used only once.
Therefore, what’s needed is a proactive analysis engine that uses a heuristic approach to emulate and evaluate the behavior of a payload, without depending on a signature. Gateway Anti-malware (GAM) Engine is just such an engine.
Other vendors evaluation processes look at the category, reputation and signature of an incoming web page.
GAM, on the other hand, dissects the page into its various components, then analyzes each component in detail. Finally, it emulates the target environment to evaluate the behavior of the payload. Is it doing anything suspicious, like trying to unpack an encrypted set of code?
Based on the proactive intent analysis of the payload, GAM does a superior job of identifying zero-day malware and blocking it. In fact, in the 2014 Magic Quadrant for Secure Web Gateways, Gartner said, “MWG has strong malware protection due to its on-box browser code emulation capabilities. The solution provides the ability to adjust the sensitivity of malware detection. A rule-based policy engine enables flexible policy creation.”
I should point out that this is not a true sandbox platform. That capability is part of McAfee Advanced Threat Defense, which we’ll discuss in a moment. However, short of running a sandbox, GAM is the most effective zero-day malware detection you can run.
EMULATE
“MWG has strong malware protection due to its on-box browser code emulation capabilities.”
Gartner, Magic Quadrant for Secure Web Gateways

8. Security Malware detection New 2013 results
95%
99%
New 2013 results
Web Gateway increases Zero-Day protection to 95%
Other vendors invited to participate
No response
And, we’re not the only ones to recognize that…
To better help demonstrate the effectiveness of the McAfee solution, we commissioned AV-Test Labs, a well-respected independent company that specializes in malware testing, to compare McAfee Web Gateway with other competitors. To ensure a fair test, McAfee did not supply any samples or had any knowledge of the sample that were used in the test.
The test focused on different types of malware – and you can see from the results – the McAfee solution outperformed the competition in every category.
For the Zero-Day Protection portion: McAfee Web Gateway blocked the most malicious URLs, with a protection rate over 90%. Zero-day threats are typically identified through the gateway’s ability to open up content for inspection, coupled with whatever proactive scanning abilities and cloud intelligence a vendor may provide.
The next area focused on PE (portable executable) Malware Detection: Again, McAfee achieved the best score in this category testing at 99.9 percent, detecting nearly all malicious samples ranging from worms and Trojans to password stealing programs and rogue applications. This test focused on the generic malware detection and blocking capabilities, especially with signature-based protection.
And finally, Non-PE (portable executable) Malware Detection which looks for things like PDF exploits and files, including malicious scripts and macros for Microsoft Office and other applications. McAfee detected nearly 99 percent of malicious non-PE files, the highest of any other vendor tested. (at the time of the testing, Websense did not provide protection for PDF exploits)
Zero Day Protection Rate
PE Malware Detection
Non-PE Malware Detection
Cloud intelligence
Ability to open content and inspect
Proactive scanning
Signature-based protection
Worms, Trojans
PW stealing programs
PDF exploits
Macros for MS Office
Malicious scripts
AV-Test.org
Performance results obtained using specific combinations of hardware, software, and test samples. The results reflect approximate relative performance as measured by the tests performed. Any difference in system hardware, software or available threat information may cause your performance to vary.

9. Proof Point Competitive POC BACKGROUND OUTCOME
Fortune 10 US corporation with world-wide network
Existing Blue Coat installation
BACKGROUND
Scanned
Results
30-Day POC Evaluation
One sixth of web traffic sent to Web Gateway after being scanned by existing solution
Ninety-two million URLs
346,000 websites and web objects
280,000 URLs categorized incorrectly by current proxy
50,000 URLs with unacceptable reputations
16,000 discrete web objects containing malware
While tests can be helpful, the best way to understand the power of McAfee Web Protection is to bring it into your organization, like this Fortune 10 corporation did. They installed Web Gateway behind an existing Blue Coat system so that it would analyze and filter the traffic after it had been deemed appropriate. During a 30 proof of concept, they found some pretty startling results: an unacceptable amount of malware was getting into their network, despite using one of the secure web gateway market leaders.
This corporation estimated that during the 30 day POC, Web Gateway helped protect 1,000 desktops from infection. Applying their own internal remediation costs, they determined that they had saved between $ K just in that one month period. That translates into approximately $1M per month across the entire organization.
OUTCOME
1,000 desktops saved from infection during POC
Remediation costs: $150–$200 per desktop
During POC: $150,000–$200,000 savings
POC result: Prospect became a customer

10. Security Integrated DLP prevents data leakage
Credit card numbers found
In addition to controlling the applications, McAfee also enables you control over the data that is being sent through cloud applications. McAfee includes Data Loss Prevention technology as part of its web protection capabilities. McAfee Web Gateway supports predefined DLP dictionaries and enables custom dictionaries to be created through either keyword matching or regular expressions. This enables you to apply comprehensive DLP rules to your outbound web traffic, ensure and document regulatory compliance, and provide forensic data in the event of a breach – all without purchasing another solution.
In this example you can see that an employee at “Acme Rocket Co.” is attempting to send credit number data (protected by PCI DSS) in a LinkedIn message – but a DLP rule blocked the attempt.
McAfee DLP is recognized as a Leader in the Gartner DLP Magic Quadrant, most of the other vendors who provide DLP technology either have much weaker offerings, or use third-party DLP software which is not under their control.
Apply comprehensive DLP rules
Supports preformatted McAfee DLP dictionaries
(HIPAA, PCI, UK-NHS, European IBAN)

11. Security Encrypt data going to the cloud
Data loss prevention can also be extended to protect uploads to file sharing/collaboration sites containing sensitive information, such as credit card numbers, and (based on your policies) automatically encrypt or block the file before uploading it. This prevents the file from being access by anyone who attempts to download it without going through the Web Gateway first.
This file encryption feature is unique to McAfee and was called out as one of our strengths in the most recent Gartner Magic Quadrant: “In addition to its existing data loss prevention (DLP) support, MWG also protects sensitive data stored in public clouds from unauthorized access. It can automatically encrypt files transmitted to Dropbox and other file sharing and collaboration sites, and users cannot retrieve and decrypt files without going through the MWG.”
Encryption protects cloud-based files

12. McAfee Advanced Threat Defense
Comprehensive approach to malware
Advanced Threat Defense
Threat Intelligence Exchange
FIND
Network Security Platform
While it’s not part of the McAfee Web Protection solution, we should take a moment to mention McAfee Advanced Threat Defense (ATD) – which is McAfee’s advanced dynamic sandboxing and static code analysis solution. McAfee Advanced Threat Defense is designed to work with McAfee Web Gateway, McAfee Gateway, Next Gen Firewall, Endpoint, and other McAfee security products
The MWG system administrator can set a suspicion threshold in the rules engine, that forwards suspect payloads to ATD, which, in turn, performs a deep analysis of the payload by running it in a true sandbox that simulates the target platform – browser, operating system, etc.
ATD not only runs the code in a sandbox, it also reverse-engineers the code and compares it with malware code that’s been previously identified. Since not all malware code gets executed in the sandbox, the addition of static code analysis provides the ability to catch virtually any malware packet.
While ATD is performing its analysis, McAfee Web Protection can periodically check its status and update the user, until the payload either passes muster and is forwarded to the user, or its identified as malware and blocked. The MWG administrator also has the option to set a time-out parameter which forces the user to wait for a pre-determined interval and, if the sandbox hasn’t completed its analysis by then, allow the payload through to the user. If it’s later determined to be malware, ATD can notify McAfee ePO which can then remediate the malware from affected clients.
Next Generation
Firewall
FREEZE
FIX
McAfee
Enterprise Security Manager (SIEM)
McAfee Web Gateway
McAfee
Real Time
McAfee Gateway
Endpoint

13. Application Management
Application Discovery
What applications are your users actually using?
Application Controls
Can you manage application entitlements?
Application Access
Can you deliver user access and strong authentication?
A major challenge for many organizations is the shadow IT problem caused by users purchasing applications without considering the security ramifications of deploying them in your network.
As a system administrator you have to know what SaaS applications your users are actually using. Otherwise, they may be exposing your organization to security risks you’re not even aware of.
Once you’ve identified the specific applications in your environment, the next step is to implement your acceptable usage policy and enforce any restrictions you need to place on end-user entitlements.
Finally, the last stage is to enable and manage application access for the web applications your users are using. For those applications that contain sensitive data, you should also require multi-factor authentication to validate a user’s identity before granting him/her access to the application.

14. TODAY’S REALITY:
More than 80% of employees worldwide use SaaS applications without IT approval.
“shadow IT” is not a trivial problem. In a recent world-wide survey of both IT professionals and line-of-business users (non-IT) conducted for McAfee by industry analyst firm Frost & Sullivan, we discovered that more than 80% of employees in the surveyed organizations were using SaaS applications that IT knew nothing about.
The survey also uncovered the disturbing fact that on average, 15% of employees worldwide have experienced a security, access, or liability incident while using SaaS.
Frost & Sullivan: The Hidden Truth Behind shadow IT

15. Application Discovery
What are your users up to?
What applications are on your network?
What applications are on your network?
Which are blocked?
Which are blocked?
The bottom line is you can’t control what you don’t know about. How do you solve this problem?
MWG Content Security Reporter (CSR) integration with Web Gateway includes the ability to create dashboards that you can use to identify any and all SaaS/cloud applications your users are accessing. Application discovery eliminates the uncertainty of shadow IT by exposing which applications are in your network, who’s accessing them and what impact they’re having on your infrastructure.
Who are the top users?
Who are the top users?
How much bandwidth are they using?
How much bandwidth are they using?

16. Integrated, Actionable Discovery
Content Security Reporter + McAfee ePO = visibility, control, compliance
McAfee’s powerful security management platform, McAfee ePolicy Orchestrator or ePO, supports detailed and actionable web reporting through the McAfee Content Security Reporter extension which is part of McAfee Web Gateway.
Content Security Reporter gives you the granular information and tools you need to understand how your organization is using the web, comply with regulations, identify trends, document problems, and tailor your filtering settings to enforce your web usage policies. Combine these granular reporting capabilities with the fact that Web Gateway can retrieve and apply data from ePO to its policies – and you begin to see the power of Security Connected.
Let’s see how this works - with actionable reports in Content Security Reporter, you can simply right-click a URL in a report, add that site to an ePO block list and any ePO connected solution, such as McAfee Web Protection, can immediately apply it to policy. This is very powerful for accelerating response and mitigating problems across ePO connected solutions.

17. Web Application Controls
Enforce acceptable usage policy
Enable/Disable specific applications
Control entitlements, access, data sharing
Now that you know WHO has is running cloud applications in your environment, the next step is to control WHAT they can do with those applications.
With McAfee, you can choose from a range of more than 1,000 controls to enforce your organization’s acceptable usage policy for most popular web applications, enabling or disabling access along with specific functionality as needed. You control who uses a web application and how it is used. Do you want to enable access to Facebook but not allow Facebook chat or posting? Block users from sending out LinkedIn messages? No problem.
Apply policy based on application, user, group, risk, …

18. Application Controls YouTube example
Customize block page with your logo, colors, instructions…
To help demonstrate the power of application control, I want to share a YouTube example. With McAfee, you can allow access to YouTube but control what content your users are accessing such as Music videos. Note that YouTube has their own categories on the left side. Real-time look-ups of YouTube content categories enable you to easily incorporate YouTube categories into access policies.
This allows you to, for example, block users from playing music videos during work hours.
Note, also that you can customize the block page message with your own logo, color scheme, and text.
Query for YouTube category in real-time
Set policy by: Category, Author, Channel

19. Web Identity Launch Pad
Application Access
Web identity
Single Sign On
One Time Password
Laptop
Internal User
When your employees get access to multiple SaaS applications , one inevitable result is password chaos – with passwords attached to sticky notes and filed in (unprotected) lists in the employee’s mobile device. Employees hate to have to remember and manage multiple passwords.
Just ask yourself, “how many passwords do you have?”
With McAfee Web Identity, an optional add-on SKU for McAfee Web Gateway, McAfee is the only vendor to give you the flexibility and convenience of integrated web application single sign-on that eliminates the hassle of remembering all those passwords. Plus, your help desk will appreciate the reduction in password reset calls.
You also have the option to use multi-factor authentication to reliably verify a user’s identity before giving them access to SaaS applications that contain corporate secrets or personally identifiable information.
A final consideration is provisioning and de-provisioning capabilities that can be used to automatically create and terminate accounts as users profiles in your enterprise directory are added or removed.
Built-in reporting helps you monitor SaaS application usage and compliance with regulatory requirements.
This integrated solution includes easy to deploy and user-friendly access management capabilities that make life more convenient for users, cut down on help desk calls, while at the same time providing the enterprise with stronger security.
Mobile
Web Identity Launch Pad

20. Web Gateway Multi-layered Protection
Reputation (GTI)
Geo-location (GTI)
URL categorization & filtering (GTI)
Media & file analysis
Identify web applications in use
Controls enforce acceptable usage policy
SSO and multi-factor authentication for access
Application Management
Content Inspection
DLP Engine
Full dictionaries
Enforce data leakage policy
File encryption
Protect data on file-sharing sites
Scrutinize HTTPS traffic
Identify malware hidden in encrypted web sessions
Enforce application controls
Data
Leakage
ePO
SSL
Scanning
In summary, then, McAfee Web Gateway provides extensive, multi-layered protection for your systems. It delivers (build on each bullet):
Wide ranging content inspection, including reputation analysis and site categorization from GTI, plus a variety of file filtering techniques
SSL scanning – which is essential for examining the contents of HTTPS-enabled web traffic for both hidden malware as well as applications that IT needs to manage
Anti-malware – both signature-based and zero-day malware detection
Botnet client – the ability to spot malicious applications that may have slipped onto a computer that are trying to contact a command-and-control server
Data leakage – a DLP engine with can enforce policy regarding the movement of sensitive data outside the enterprise network; as well as the ability to transparently encrypt files that are uploaded to Box or some other file-sharing site
Application management – the ability to find all web applications in use, and apply acceptable usage policies on approximately 1,000 popular SaaS applications and social media, to improve security and end-user convenience with SSO and multi-factor authentication.
Signature-based AV
Zero-day malware detection
Dissect, emulate target platform environment
Evaluate code behavior
Botnet Client
Anti-Malware
Identify “phone-home” behavior
Aggressive scanning of non-human initiated requests
Outbound Traffic
Inbound Traffic

21. FLEXIBILITY What is the most effective deployment scenario for me?
Should I go on-premises or the cloud?
How do I manage web access for remote or mobile users?
Is there some way to protect them from malware infections?
Now, let’s talk for a few moments about Flexibility. Some of the questions you should be asking yourself include the deployment scenario that makes the most sense for your organization, as well as how difficult or easy is it to modify your environment as your business needs change.
And, with more and more mobile or remote users, you need to figure out how to give them the same degree of protection that you provide for you users who are inside the firewall.

22. Common policy, management & reporting
Flexibility
Deploy on-premise, in the cloud, or a hybrid combination VM
Appliance and SaaS (Hybrid)
Remote Users (SaaS)
SaaS or VM
Performance and Scalability
from Branch Offices to Corporate Headquarters
Common policy, management & reporting
McAfee Web Protection has unique flexibility that allows you to cost-effectively mix-and-match deployment options.
Gartner noted this as one of McAfee’s strengths in the 2014 Magic Quadrant, “Intel Security has a good implementation of a hybrid cloud/on-premises solution.”
Deploy any way you want – on-premises, in-the-cloud or a hybrid combination – all using the same set of licenses. For example, you can offload web traffic to the cloud for added high-availability or use the hybrid model as a cost-effective fail-over option.
Common policy synchronization and reporting streamline management, ensure consistent policy enforcement, and simplify reporting and investigation.
With the on-premises option, you’ll find a family of appliance models— which can be clustered for improved performance and availability— support for virtualized machines, and even a blade option, to give you the performance, scalability and flexibility that you need.
The SaaS option gives you all the performance and scalability of the cloud, while ISO certified data centers in major geographies (North America, South America, Europe, Japan, Asia, Australia and New Zealand) give you the assurance that your data will be kept secure using industry best practices.
You deploy the solutions that make the most sense for how your business is organized, with the assurance that you can modify your configuration as needed to adjust to changing business conditions, without needing to buy additional licenses – one SKU covers both on-premises and cloud users.
Some of our competitors offer on-premises or cloud-based access, however they don’t have the common license model that we provide, nor do they have the ability to manage both on-premises and cloud deployment using a common set of rules and policies.
SaaS
Hardware Appliances
Cloud-based
Virtual Appliance
Blade Server

23. McAfee Client Proxy Protect mobile & remote users ? Off Network ?
Corporate Office
On-Network Web Gateway ?
Off Network
Internet ?
As the cloud grows and the workforce becomes more mobile with more devices, protection needs to travel with the user rather than stay in the office. McAfee Web Protection enables organizations to extend their security policies to today’s popular smart phones, tablets and laptops by directing web traffic to McAfee Web Protection for advanced anti-malware protection and corporate web access policies. McAfee Web Gateway also extends protection to mobile devices accessing content that is traditionally available on internal corporate servers such as intranets, wikis, SharePoint servers, and other web-based solutions.
One example of off network protection is McAfee Client Proxy, our solution for laptops. With McAfee Client Proxy, a tamperproof agent enables roaming users to seamlessly authenticate and redirect to a McAfee Web Protection solution, either Security-as-a-Service (SaaS) or our on-premises web gateway. This enables Internet access policy enforcement and full security scanning to be applied, even if their Internet access is being provided through a captive portal, such as at a coffee shop, hotel, or other Wi-Fi hotspot.
Here’s how it works: McAfee Client Proxy will check to see if it is on the network and behind a Web Gateway. If there is no reply, it becomes active if an Internet connection is available and directs the traffic to either McAfee SaaS Web Protection or a Web Gateway in a DMZ.
Browser
Browser
Client Proxy
McAfee Data Center
SaaS Web Protection
(or Web Gateway in DMZ)
Active

24. Features & Benefits Secure Proven Scalability Flexible Architecture
Best of breed security services, #1 malware defense
Protect on-premises and remote/traveling users
Proven Scalability
Start small - SMB to enterprise
Add capacity, as needed
Flexible Architecture
Fit business requirements
Adapt as business needs change
With the McAfee hybrid deployment model, you have the freedom and flexibility to configure your Web Gateway to meet your unique business requirement and change them as circumstances change. For example, one customer who was using an on-premises appliance acquired another company. They found the quickest, easiest way to protect the acquired company’s infrastructure was to set them up with SaaS Web Protection.
The model is not only flexible but extremely scalable. You have the ability to assign users where it makes business sense, and still deliver the overall performance and throughput you need. You can scale up your on-premises systems by acquiring larger appliances, or clustering appliances together. And if you’re using the SaaS platform, we take care of making sure that performance is quick and crisp.
Because our systems can be fully synchronized, with the same policies on both platforms, you have consistent security regardless of how your users are accessing the web.
It’s cost-effective, so you don’t have to buy more capacity than you need. We’ll work with you to deliver the right-sized system to meet your requirements.
And, finally, because both on-premises and cloud systems can be synchronized from one location, it’s easy to manage the system. Consistent dashboards and reporting also simplify monitoring and management tasks.
Cost-effective
One SKU, one price
Buy only what you need
Manageable
Easy policy synchronization
Consistent, cross-platform reporting

25. McAfee Web Protection Security Rules-based policy enforcement
Global Threat Intelligence
AV & Gateway Anti-Malware engines
Built-in Data Loss Prevention
Cloud storage file encryption
Advanced Threat Defense integration
Application Management
Identify and control rogue SaaS applications
Single sign-on and multi-factor authentication
Flexibility
Mobile & remote user protection
Hybrid deployment options with policy synch
Forward and reverse proxy options
In summary, McAfee Web Protection provides your organization with
industry-strength security technologies
the ability to identify and effectively control user’s access to cloud applications and web sites
Mobile and hybrid deployment options that extend your security umbrella to from internal to cover mobile, remote or external users

26. Next Steps – Prove It to Yourself!
STEP ONE
Communicate Results. Take Action!
STEP THREE
Run Web Gateway Proof of Concept
STEP TWO: REVIEW RESULTS
Now that you know what can be done, let’s take a look at the next steps you can take to prove this to yourself.
Install McAfee Web Gateway off any mirror port
This is a passive installation that can be easily deployed in under 2 hours to sit behind your existing firewall or gateway solutions
Immediate Results:
Show malware that’s been missed by your existing solution
Identify applications in use
See your data is going
Generates an “Executive Summary Threat Report” for CxO team to review.
Use the results to make the case for replacing your current solution with McAfee Web Protection.
APPLICATION NAME
SUM OF HITS
BitTorrent Variants
22640
Google Analytics
1183
Hotmail
766
Facebook
754
Other
4093
TOTAL
29463
CATEGORYNAME
# of Detailed Web Access
Payment Card Industry – Credit Card Number Violations 35
DLP: User-Defined Dictionary 23
SOX Compliance – Merger and Acquisition 1
TOTAL 59
MALWARE NAME
SUM OF HITS
McAfeeGW: Heuristic.BehavesLike.JS.Infected.A 38
GoMcAfeeGW: Heuristic.BehavesLike.JS.Unwanted 19
McAfeeGW: Heuristic.BehavesLike.Win32.Suspicious-BAY.G 11
McAfeeGW: Heuristic.BehavesLike.Win32.Suspicious-BAY.K 7
Other 12
TOTAL 87