Internet content security, threat management and Employee Internet Access Control
Making the internet safe for business
On-premise, endpoint, mobile, virtual and cloud systems protection
Internet Security, also widely known by its marketing term ‘Web security’ deals specifically with security of anything that interacts with or across the Internet (websites, web applications, social media, web services, web email).
Solutions monitor and report on more than 1,000 Internet protocols and applications, including instant messaging, peer-to-peer, social networking applications, and streaming media.
The Challenge
Web security threats can launch sophisticated, coordinated attacks that require little, if any, user action. Spyware, adware and other malicious software often installs itself without the user’s knowledge – leaving no trace while it quietly collects information and disrupts system performance. Once it has been installed, malicious software can be difficult to detect and remove, often reinstalling over and over and disabling any security measures.
Key Solution Benefits
Prevention
> Prevents web-based threats from infecting your network.
> Ensures all web content is free from malicious code before it is delivered to users.
> Centrally manage, deploy and report on acceptable usage policies for internet usage for individuals, groups, laptops, smartphones, desktops, geographic locations, what web applications can be used and the type of data sent of them.
Image: web app usage report
> Protect your organisation, IT investments and employee productivity from web-based / Internet protocol threats (malware, spyware, viruses).
> Eliminates unnecessary investment in infrastructure, reduces burden on in-house IT resources, and delivers predictable costs.
> Save your business bandwidth – prevent your internet bandwidth being used for non-work related internet content.
> Interoperability with existing Firewall and Email Systems
> Stops virus and spyware downloads, botnets, malware call back attempts, and malware tunneling.
> Security for web protocols such as HTTP, HTTPS an FTP.
> Enables the monitoring, control and enforcement of Web Acceptable Use Policies.
> To help enforce your web acceptable use policy, Security, Compliance, Productivity.
> Boosts user productivity, ensures compliance, and saves bandwidth by blocking users from visiting inappropriate websites or downloading media files.
> Restricts access to certain websites during specific hours and helps protect bandwidth and productivity by placing time and volume limits on Internet use.
> Provides data on malware protection and applies usage policy to users outside the corporate network.
> Create and apply new policies to all users, including roaming workers on external networks.
> Provides access to a dedicated team of SaaS specialists who understand the importance of service excellence.
> Defends against the loss of confidential data.
> Multi language pattern matching.
> Visibility into data on service performance, web threats and current web usage statistics.
> Reporting that provides visibility into Internet and web application traffic.
Solution Deployment Options
Hybrid deployment options
Deploy 100% either on-premise with purpose built hardware appliance or server software. Choose a 100% cloud-based deployment or deploy a hybrid network. The choice is yours, depending on your network needs.
> On-premise
(Prevents malware from entering your network, relieving the burden on endpoint security).
- Software for servers
- Virtual agent software for virtual servers (Microsoft Hyper-V, VMware)
- Hardware Appliance (gateway)
> Agent based for mobile / endpoint devices
> Cloud / Managed Service
Solution Features
> Internet / Web filtering
Web Security solutions that encompass some or all features: Anti-Spyware / malware / Phishing / Anti-Virus, URL Filtering, HTTPS inspection, Sandboxing, DLP and anti-botnet detection).
> Data Loss Prevention (DLP)
- Customisable control of data leaving the network via the web (DLP) Data protection policy helps to ensure that confidential and personal data does not leave the network via the web, whether inadvertently or with malicious intent.
- Scans all outbound web traffic to ensure confidential data does not leave the company (Credit cards, social security numbers, and many other pieces of sensitive data can be identified).
- DLP templates designed to satisfy major compliance regulations and ensure that Personally Identifiable Information (PII) and sensitive data files are identified and protected.
- Wildcard pattern matching
> DLP Addresses Regulatory Compliance
- PCI/DSS - International standard for data security for credit cards
- IBAN - International Bank Account number
- US HIPAA - Sets standards for any healthcare organization in the US
- US Gramm-Leach-Bliley Act (GLBA) - Sets privacy regulations for banking, insurance, and investment companies
- US SB-1386 - Refers to state data breach laws
- UK NHS number - Used to identify UK patients and locate health Records
- Personally Identifiable Information
- Banking and financial Information
- Cardholder Information
- Source Code Identifiers
- Executable
- Over 170 different file types including MS Office , database , multi-media and compressed files
> Anti Malware
Reducing the threat of spyware and viruses delivered through Internet connectivity and web browsing.
> Anti-Spyware
> Anti Phishing
Block web pages known to distribute phishing content.
> Anti Virus
Block 100% of known viruses
Multiple analysis engines scan all Web requests in real time. Heuristic analysis detects unknown emerging and zero day threats.
> HTTPS Inspection (SSL decryption / encryption)
- Closes the HTTPS security loophole by Monitoring and Inspecting HTTPS content (decrypting and inspecting encrypted content).
- Relieve / off load CPU-intensive tasks of encrypting and decrypting Datacentres and Backend servers
- Inspect all common tunnelling protocols including PPTP, L2TP, IPSec, SSL and on-demand host integrity checking enable inspection of encrypted content, such as traffic sent over VPN connections.
- Implementing a Web security appliance or cloud solution with integrated SSL, greatly reduces operational cost for time spent managing certificates and reduces human operational errors.
> URL filtering
Controls web / Internet use
- URL filtering is typically deployed to prevent users form visiting dangerous or inappropriate web sites.
- also gives administrators the option to explicitly allow web sites,or to pass web traffic uninspected both to and from known-good web sites in order to accelerate traffic flows.
> Authentication
Enforce two-factor authentication for internet or specific site access.
> Consistent policy and security for all users regardless of location
Support for roaming and remote users ensures security levels are maintained for all users when they are working away from the corporate network.
> Protect a Mobile Workforce
Extend your protection seamlessly from on-premise to remote and mobile workers with the same solution.
> Application Control
- Control over web applications
- Security technology that automates the discovery of popular Internet applications and allows administrators to control them using policies.
- Visibility and control for over 420 application types running across any port, including applications using custom clients (for example, Skype, bitTorrent, P2P) or leveraging Web 2.0 technologies within the browser (for example, social networking, webmail, and streaming media sites).
- Supports object-level blocking within dynamic web pages such as Web 2.0
- Whether your company policy is allow or block the use of web 2.0 or cloud based applications (social media, web based email, office 365 and other apps) for groups or individuals – you will want to protect against employee productivity loss, corporate data loss, malware and compliance by granularly controlling interaction that users have over the internet.
> Social Media
- Social media controls provide great flexibility. Video controls limit or prevent viewing of viral, entertainment and surveillance videos while allowing access to YouTube Educational videos.
> Scanning Engine
Signature and heuristic based scanning
Engines protect from for known malware, known virus, spyware definitions and sophisticated, targeted web-based threats and unknown zero-day threats.
Link Scanner
FTP Scanning
Scan FTP uploads and downloads. Also block specified file types at the FTP gateway.
iOS and Android user protection
Enable mobile devices in your workplace by extending your existing security policies to mobile devices to protect them from Advanced Threats, mobile malware, phishing attacks, spoofing and more.
Java Applet and ActiveX Security
Applets and ActiveX scanning blocks malicious Java applets and unsecured ActiveX controls at the Internet gateway, preventing them from infiltrating your network and performing malicious acts on client workstations
Monitor Network and User Activity
Monitoring web activity is straightforward using the intuitive dashboard and reports. Intuitive graphs in the dashboard give real-time activity summaries with drill-downs for users, websites, and more.
> Reverse Proxy
Either installed close to clients to protect them from Internet security risks or installed as a reverse proxy to protect a Web server from having malicious programs uploaded to it.
> Web Caching
Accelerates web traffic and content inspection.
> Web Gateway
- Control access to internet and safe websites
- tracks the credibility of web domains
- Control over specific content within sites
- Control web-based applications (web email or social media)
> Optimise Bandwidth
- Cache web content.
- Manage traffic based on protocol or application types.
- User web access time restrictions.
- Video consumes 20 times as much bandwidth as traditional data. Specify how much bandwidth each employee can consume-so video, music, and other heavy content do not slow down internet performance for the entire company.
> Endpoint Web Protection
Devices protected whilst connected to the network. Once they leave the local network, they are still protected and under policy control.
> Compliance
Industry and Regulatory Compliance
Customers require solutions that demonstrate proof of compliance for industry and regulatory compliance. Our solutions are easy-to-use, provide audit logging, archiving and reporting.
Human Resource Department
Typically deployed to prevent users form visiting dangerous or inappropriate web sites.
Policy
- Enforce Internet usage policies
- Different policy actions for web access control, including: monitor, allow, warn, block, block with password override, enforce time quota.
- Restrict user web access by time (e.g. restrict web browsing during office hours)
- Blocking File Extensions: define extensions which should be blocked while browsing the internet, e.g. scr or pif files. This is key, because some executable files are automatically downloaded and executed while a site is being visited.
> Productivity
- Define and enforce granular Web usage policy.
- Fully customisable policy creation for websites, website categories and file types. Rules can be based on users, time of day and Internet usage consumption.
- Productivity control (set access times across user groups and locations) time or bandwidth quotas.
Also see
> Endpoint web protection
> SSL de-encryption
> Web / Internet facing server protection
> Web Application control
> Employee internet access / web content filtering / URL control
> Website, Web Application & Database Protection
> Web Application Firewall (WAF)
> Web Application Server vulnerability scanning
> SSL Certificates
Contact us today to discuss your requirements in more detail.
P: +44(0)7714 209927
S: +44(0)1273 329753
|
info@securenetconsulting.co.uk
|