PR Web Gateway - u.b5z.netu.b5z.net/i/u/10210123/f/PR_Web_Gateway.pdf · " Powerful policy engine:...

McAfee Confidential—Internal Use Only

McAfee Web GatewayCustomer NameYour Name, Your Title

August 26, 2013


Rank Country Population Date of Estimate

1 China 1,349,560,000 November 20112 India 1,247,288,000 November 20113 Facebook 800,000,000 November 20114 USA 314,028,000 November 20115 Indonesia 243,162,000 November 20116 Brazil 197,238,000 November 2011

If Facebook Was a Country

Internet’s Number One Site

August 26, 20132

• People spend over 750 billion minutes per month on Facebook

• 65% of adults use social networking (Pew Research, May 2011)


Social Media Value and Threats

August 26, 20133

“Facebook easily infiltrated by data-harvesting bots, researchers find” PCWorldNovember 2011

“Facebook and YouTube dominate workplace traffic and bandwidth”SC MagazineApril 2010

“Researcher plants rogue app in Apple’s App Store”ComputerworldNovember 2011

“Loudmouth workers leaking data through social networking sites”The RegisterApril 2009

“Hackers take over NBC Twitter account”The New York TimesSeptember 2011

New Marketing Channels

Employee Life/ Work Balance

Collaboration Tools/Business Apps

Find Employees


Traditional Web Gateway Solutions

August 26, 20134

Web 1.0 block /allow technology• Web Filtering• Outbound URL requests are only filtered by

the URL category or content of the Web site• Inbound traffic may not be filtered• Block or allow—don’t allow granular,

controlled access to interactive social media sites

• Completely block access to infected sites—no granularity

Anti-Virus• Protection gap with signature-only gateway

anti-virus solutions—can’t build signatures fast enough, when are systems updated

• No protection again zero-day attacks and non-executables such as JavaScript and HTML docs

Most companies have a security blind spot because they don’t decrypt SSL

Web 1.0 Gateway• Outbound Proxy• URL Web Filter• Web usage logs

Anti-Virus Gateway• AV Signatures only• No Zero-day

protections


Today’s Web Business Challenges

5

SECURITY Proactive Malware Protection

CONTROLEnable and Manage Inbound/Outbound Access

PERFORMANCE Scalability, Flexibility, Manageability


McAfee Web Protection: Designed For Today’s Web

6

SECURITY

CONTROL

PERFORMANCE

• Hybrid security• Local: Proactive anti-malware protection • Global: McAfee File Reputation, Web Reputation

• Deep content inspection including SSL traffic

• Robust proxy / cache• Enterprise scalability• Flexible delivery: Appliances, VMware, SaaS, blade

• Flexible deployment: Proxy, transparent bridge, transparent router

• Inbound / outbound filtering of multiple Web protocols • Powerful policy engine: application control, prevent

data loss• Extensive reporting/auditing


McAfee Web Gateway: Safe Productive Use of Today’s Web

7

http:80

Gnutella:80

Malicious SQL injection

Keylogger

McAfee Web Gateway

Inappropriate Use

Spyware phoning home

Leaking data

Web FilteringAnti-Malware and Anti-Virus

SSL ScanningApplication Control

AAA ProxyCache

Data leakage/complianceComprehensive reporting


McAfee Web Gateway

August 26, 20138

SECURITY

McAfee Confidential—Internal Use Only9

Unprecedented Malware Growth

Cumulative Malware Threats

20,000,000

40,000,000

10,000,000

30,000,000

50,000,000

60,000,000

2011

• On track to reach 75 million samples by year end

• Collect on average 2 million new samples every month

• Detections surpass a frightening 60,000 samples per day

2007 2008 2009 2010

5,987 7.9Million

18.6Million

34.8Million

Source: McAfee Labs

70,000,00075

Million


Sample malicious traffic from financial institution

10

HTML Documents (Incl. embedded scripts)

Windows Executables

Standalone JavaScript

Graphics (JPEG, GIF)

McAfee AV: Signature coverage

McAfee Anti-Malware: Proactive coverage

30%

1% 0.5%

5%

16%

47%


Gateway Defense in DepthProtects against known and unknown threats quickly and efficiently

11

GeolocationGeolocation

Web ReputationWeb Reputation

Web CategorisationWeb Categorisation

Media/File AnalysisMedia/File Analysis

File ReputationFile Reputation

McAfee Anti-VirusMcAfee Anti-Virus

Gateway Anti-MalwareGateway Anti-Malware

McAfeeWeb

Gateway


Gateway Anti-Malware“Zero Day” Protection—Behavioral Intent Analysis

August 26, 201312

Visual Basic for AppsMacros in Office Docs

Java Applets andApplications

JavaScript and Visual Basic Script

Windows Executablesand Dynamic Link Libraries

ActiveX Controls andBrowser Helper Objects

Adaptive Policy Based on Location, Risk Posture, and Categorization

AnalyzeIntent

Emulate

Dissect


McAfee Labs

EmailFirewallIPS DLPWeb AWLePO AV

13

File Reputation Engine

Web Reputation Engine

Network Reputation Engine

Email Reputation Engine

Vulnerability Information

Threat Intelligence FeedsOther feeds & analysisServers FirewallsEndpoints Appliances

Mobile

100+ BILLION Queries/Month

How Global Threat Intelligence WorksDelivering the Most Comprehensive Intelligence in the Market


Overview of Testing by AVTEST

August 26, 201314

PE Malware Test: Detection of relevant current malicious Win32 portable executable (PE) files, also referred as “Zoo viruses”, which are not older than three months at the start of the review

Zero-Day Testing: Testing of the effectiveness of dynamic URL filtering capabilities and protection against zero-day malware by accessing real URLs that host malicious downloads

Non-PE Malware Test: Detection of current malicious non-PE files, such as PDF exploits, as well as files including malicious scripts and macros for Microsoft Office and other applications, which are also not older than three months


Malware Detection

15

91%

99% 99%

74%

94%97%

25%

85%

71%

58%

91%

16%

0%

20%

40%

60%

80%

100%

Zero Day Protection Rate PE Malware Detection Non-PE Malware Detection

McAfeeBlue CoatCiscoWebsense

• Cloud intelligence• Ability to open content

and inspect• Proactive scanning

• Signature-based protection

• Worms, Trojans• PW stealing programs

• PDF exploits• Macros for MS Office• Malicious scripts

AV-Test.orgPerformance results obtained using specific combinations of hardware, software, and test samples. The results reflect approximate relative performance as measured by the tests performed. Any difference in system hardware, software or available threat information may cause your performance to vary.


McAfee Web Gateway

August 26, 201316McAfee Web Gateway

CONTROL


Powerful Rules-Based Engine

• McAfee Web Gateway includes a powerful policy engine that enables unmatched flexibility in creating and applying policy

– Enable/disable specific functionality– Remove malicious links or extract only the malicious code while letting the

balance of the page display• Application Control: Point/Click control for over 1000 web applications

– BitTorrent, Kazaa, Youtube, Facebook, LinkedIn, etc.• Flexible Control

– Apply policy based on specific application, user, group, risk, etc.• Enable data loss prevention for web mail• More strict malware policy on high-risk or specific applications• Enable or disable specific functionality as needed

– Allow Facebook but block all Games or specific games: Mafia Wars

• Additional applications– Flexible rules engine detects/applies policy beyond listed web applications


Control: Remove functionality


Control: Remove functionality

August 26, 201319

Remove Inbox and Search functions from


Control: Block functionality


Web Filtering for Endpoints v3.0

8/26/201321

• Web Filtering for Endpoints (WFE): Add-on Module to SiteAdvisor Enterprise Plus v3.0

– Common database and category set – Common reporting:

• Domain and download reporting with ePO • Detailed reporting with Web Reporter

– Gateway aware• Disable SAE/WFE when behind a web

gateway

– Tamper resistant– Added value

• Educates and warns end users – before they click

• Advanced phishing protection • Indicates amount of potential spam/email

from each website


McAfee Web Gateway


PERFORMANCE


McAfee Web Security

23

Per

form

ance

Branch Office Corporate HQ

WG4000

WG4500

WG5000

WG5500

Content Security Blade Server


Understand Traffic and Simplify Investigations

24

• Pre-built and customizable reports and dashboards

• Real-time views with extensive drill-down capability

• Scheduled reporting in multiple languages quickly process GBs of data

• Enterprise features: delegated reporting options


ePolicy Orchestrator

25

• Integrate data from multiple sources into a single hub– Web, email, end points, networks, vulnerabilities and more

• McAfee Web Gateway and ePO– Customizable dashboard– Actionable reports– Launch UI and view system information


Success: Trusted By Enterprises Around the World

26

T R U S T E D


Recognized Web Gateway Leader

27

“MWG has strong on-box malware protection through use of the McAfee Gateway Anti-Malware Engine...”

“[McAfee] received the highest score on the technology portion of the evaluation...thanks to its innovative Web reputation technology and high-performing appliance,…”

IDC ranks McAfee #1 in Appliance Market Share –for web security appliances

SC Magazine Awards 2012 Best Web Content

Management Finalist

SC Magazine Awards 2012 Best Anti-Malware

Gateway Finalist


Experience the Benefits

28

Estimated ROI

• Fortune 100 US corporation • Existing web proxy/gateway installation

30-Day POC Evaluation

One sixth of usersmoved to Web Gateway

280,000 URLs categorized incorrectly by current proxy

16,000 discrete web objects containing malware

Scanned Results

50,000 URLs with unacceptable reputations

Ninety-two million URLs

346,000 websites andweb objects

Background

1,000 desktops saved from infection

Savings:

Remediation costs: $150-$200 per desktop

During POC: $150,000-$200,000 savings

Extrapolated to entire organization: $900k to 1.2M savings per month


Heuristic Detections

99%

File Reputation

1%Virus0%

Trojan0%

- 2,000 4,000 6,000 8,000

10,000

2011

-01

2011

-02

2011

-03

2011

-04

2011

-05

2011

-06

2011

-07

2011

-08

Detection Results at FedEx

August 26, 201329 Source: FedEx

Web Gateway deployment begins Feb 5

Malware download blocks


McAfee Web Gateway Summary

30

Security: proactive, layered protection on all web traffic

Control: enable and manage inbound/outbound access

Performance: scalability, flexibility, manageability

Value: Minimize risk, say yes to Web 2.0, consolidate features

PR Web Gateway - u.b5z.netu.b5z.net/i/u/10210123/f/PR_Web_Gateway.pdf · " Powerful policy engine:...

Documents

Transcript of PR Web Gateway - u.b5z.netu.b5z.net/i/u/10210123/f/PR_Web_Gateway.pdf · " Powerful policy engine:...